Linux Kernel Wacom HID Driver General Protection Fault Vulnerability

A vulnerability in the Linux kernel's Wacom HID driver can lead to a hard crash or a general protection fault. This issue arises because the Wacom AES battery handler, introduced in a recent commit, is scheduled as a delayed work task. If a Wacom device is removed while this task is still pending, the handler can cause a crash when it is eventually executed. This situation commonly occurs with built-in USB devices after they resume from hibernation, as the pending task can lead to a hard crash when the device is removed.

Impact

The vulnerability causes a hard crash of the system or a general protection fault, disrupting normal operation and potentially leading to data loss or corruption.

Remediation

To address this vulnerability, the Wacom AES battery work should be canceled in the Wacom remove function, ensuring that no pending tasks can lead to a crash when the device is removed.