Impact
A double deassertion of the PERST# signal on the Tegra194 PCIe controller triggers an improper deinitialization sequence in the driver, causing a DBI register (offset 0x8bc) to be accessed before the controller core is powered on. This timing fault forces a Control Backbone (CBB) timeout, halting the PCIe subsystem and potentially destabilizing the kernel, which manifests as a denial of service to the affected device. The flaw stems from an improper execution order (CWE‑367) where cleanup routines run before the core is ready.
Affected Systems
All systems running a Linux kernel that includes the Tegra194 PCIe driver and have not yet applied the patch are affected. This includes any boards or modules built with a Tegra194 platform that use the default kernel without the reported commit. The exact affected kernel versions are not listed, so all recent builds before the patch remain vulnerable.
Risk and Exploitability
The CVSS score of 5.5 indicates moderate severity, while an EPSS score of less than 1% implies a very low likelihood of exploitation. Based on the description, it is inferred that the attack vector is local or physical, requiring the ability to cause a double deassert of the PERST# signal or manipulate power‑cycling events. The vulnerability is not listed in CISA’s KEV catalog, which further suggests limited operational exposure. Overall risk is confined to environments where an attacker or automated power sequence can trigger the fault, potentially leading to PCIe device unavailability or kernel instability.
OpenCVE Enrichment