A flaw was found in the Linux kernel. A use-after-free may be triggered in bigben_set_led() when plugging in a malicious USB device, which advertises itself as a bigben device.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2172950]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This was fixed for Fedora with the 6.1.16 stable kernel updates.