It was found that in the Linux kernel attackers can trigger a use-after-free and OOPS in the drivers/char/ipmi/ipmi_msghandler.c code by arranging certain simultaneous execution of the code accessing IPMI device files, which in turn can lead to a denial-of-service (DoS). References: https://lore.kernel.org/lkml/1547616802-31868-1-git-send-email-yangyingliang@huawei.com/T/#u https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.5 An upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77f8269606bf95fcb232ee86f6da80886f1dfae8
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1681008]
This was fixed for Fedora with the 4.20.5 stable updates