A flaw was found in kernel/debug/debug_core.c in the Linux kernel in the lockdown mode. In this flaw, an attacker with local access could trigger the debugger, bypass lockdown and write anonymously.
In this flaw, KGDB and KDB allow read and write access to kernel memory, and thus should not be allowed during lockdown. An attacker with access to a serial port could trigger the debugger and use it to bypass lockdown.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2096817]
This was fixed for Fedora with the 5.17.10 stable kernel updates.