CVE-2023-30772 is a vulnerability identified in the Linux kernel versions prior to 6.2.9, specifically within the power supply driver for the DA9150 charger (drivers/power/supply/da9150-charger.c). The flaw is a race condition that leads to a use-after-free (CWE-416) scenario. This occurs when a physically proximate attacker unplugs a device, triggering a timing issue in the kernel's handling of the charger driver. The race condition allows the attacker to cause the kernel to access memory that has already been freed, potentially leading to arbitrary code execution or kernel memory corruption. The vulnerability has a CVSS 3.1 base score of 6.4, indicating a medium severity level. The vector metrics specify that the attack requires physical proximity (AV:P), high attack complexity (AC:H), no privileges (PR:N), no user interaction (UI:N), and impacts confidentiality, integrity, and availability (C:H/I:H/A:H). No known exploits are currently reported in the wild, and no vendor or product-specific details beyond the Linux kernel and the DA9150 charger driver are provided. The vulnerability is significant because kernel-level flaws can compromise the entire system, allowing attackers to escalate privileges or cause denial of service. However, exploitation requires physical access to the device, limiting the attack surface primarily to environments where an attacker can physically interact with the hardware.

For European organizations, the impact of CVE-2023-30772 depends on their use of Linux-based systems with the affected kernel versions and hardware utilizing the DA9150 charger driver. Organizations relying on embedded Linux devices, IoT equipment, or specialized hardware in industrial or operational technology environments may be particularly at risk. Successful exploitation could lead to full system compromise, data breaches, or disruption of critical services. The requirement for physical proximity reduces the likelihood of remote exploitation but raises concerns for environments with shared physical access, such as data centers, offices, or manufacturing floors. Confidentiality, integrity, and availability are all at risk, potentially affecting sensitive data and operational continuity. European organizations in sectors like manufacturing, telecommunications, and critical infrastructure that deploy Linux-based embedded systems should be vigilant. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time.

To mitigate CVE-2023-30772, European organizations should: 1) Update Linux kernels to version 6.2.9 or later where the vulnerability is patched. 2) Identify and inventory devices running affected kernel versions and using the DA9150 charger driver to prioritize patching. 3) Restrict physical access to critical systems and devices, implementing strict access controls and monitoring to prevent unauthorized unplugging or hardware manipulation. 4) Employ hardware security measures such as tamper-evident seals or locked enclosures for devices in sensitive environments. 5) Monitor system logs and kernel messages for unusual behavior indicative of exploitation attempts. 6) Coordinate with hardware vendors and Linux distribution maintainers for timely updates and advisories. 7) Consider deploying kernel hardening features and security modules that can mitigate use-after-free exploitation vectors. These steps go beyond generic advice by focusing on physical security and targeted patch management for embedded Linux systems.