https://www.securityfocus.com/bid/108410
From the RedHat bug discussion:
https://bugzilla.redhat.com/show_bug.cgi?id=1709180
A flaw was found in the Linux kernels implementation of IPMI (remote baseband access) where an attacker with local access to read /proc/ioports may be able to create a use-after-free condition when the kernel module is unloaded. The use after-free condition may result in privilege escalation. Investigation is ongoing.
See https://security-tracker.debian.org/tracker/CVE-2019-11811 for a lot of other distro links (the Source section at the top).
(Score: 2) by sjames on Monday July 22 2019, @10:56PM
Fortunately, this bug is unlikely to be triggered and unlikely to be exploited. Looking at the actual kernel patch, it could only happen iof the module failed to init when loaded, and when the bug is triggered, the kernel oopses.