Impact
The flaw occurs when a PCI device is probed: the match() callback is invoked without holding the device lock, allowing the driver core to read the driver_override field without synchronization. This oversight can trigger a use‑after‑free or memory corruption, potentially letting an attacker execute arbitrary kernel code or corrupt system memory. The weakness corresponds to CWE‑416 and CWE‑364.
Affected Systems
The vulnerability affects the Linux kernel. No specific version range is supplied, but any kernel containing the unprotected driver_override access during PCI probe is at risk until the patch is applied. The upstream commit referenced in the advisories contains the fix, so kernel releases newer than that commit are safe.
Risk and Exploitability
The likely attack vector is an attacker who can influence the driver_override value during device initialization, such as by loading a malicious PCI driver or tampering with device firmware. Because the flaw is a data race, an adversary with module‑loading privileges could exploit it. The EPSS score of 0.00157 indicates a very low yet non‑zero probability of exploitation, and the vulnerability is not listed in CISA’s KEV catalog. The absence of a known exploit does not negate the risk; exploitation could lead to privilege escalation or arbitrary kernel code execution. The details of the attack path are inferred from the description and are not explicitly stated in the input.
OpenCVE Enrichment