CVE-2023-30772: 
Linux Kernel vulnerability analysis and mitigation

The Linux kernel before 6.2.9 contains a race condition vulnerability (CVE-2023-30772) in the DA9150 charger driver (drivers/power/supply/da9150-charger.c). The vulnerability was discovered and reported by Zheng Wang, Zhuorao Yang, Yang Hu, and Zong Cao in April 2023 (Kernel Commit).

The vulnerability stems from a race condition in the da9150_charger_remove function. When &charger->otg_work is bound with da9150_charger_otg_work in da9150_charger_probe, da9150_charger_otg_ncb may be called to start the work. If the module is removed, which triggers da9150_charger_remove for cleanup, there may be an unfinished work leading to a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 6.4 (Medium) with vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

A physically proximate attacker who can unplug a device could potentially exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code (Ubuntu Security).

The vulnerability has been fixed by canceling the work before cleanup in the da9150_charger_remove function. The fix was included in Linux kernel version 6.2.9. Users should update their kernel to version 6.2.9 or later to address this vulnerability (Kernel Commit).