https://www.securityfocus.com/bid/108410
From the RedHat bug discussion:
https://bugzilla.redhat.com/show_bug.cgi?id=1709180
A flaw was found in the Linux kernels implementation of IPMI (remote baseband access) where an attacker with local access to read /proc/ioports may be able to create a use-after-free condition when the kernel module is unloaded. The use after-free condition may result in privilege escalation. Investigation is ongoing.
See https://security-tracker.debian.org/tracker/CVE-2019-11811 for a lot of other distro links (the Source section at the top).
(Score: 2) by PartTimeZombie on Monday July 22 2019, @08:35PM
Good policy.
Also, don't give local access to all and sundry:
I am going to assume that local attacker also needs to be part of the sudoers group.
I am not going to worry too much about this one.