A NULL pointer dereference flaw was found in the Xirlink camera USB driver 'xirlink-cit' in the Linux kernel. The driver mishandles invalid descriptors leading to a denial-of-service (DoS). This could allow a local attacker with user privilege to crash the system or leak kernel internal information.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1824793]
This was fixed for Fedora with the 5.5.14 stable kernel updates.
Mitigation for this issue is to skip loading the affected module 'xirlink-cit' onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
How do I blacklist a kernel module to prevent it from loading automatically?