Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux kernel, the following vulnerability has been resolved:
PCI: endpoint: Fix PCI domain ID release in pci_epc_destroy()
pci_epc_destroy() invokes pci_bus_release_domain_nr() to release the PCI domain ID, but there are two issues:
'epc->dev' is passed to pci_bus_release_domain_nr() which was already freed by device_unregister(), leading to a use-after-free issue.
Domain ID corresponds to the EPC device parent, so passing 'epc->dev' is also wrong.
Fix these issues by passing 'epc->dev.parent' to pci_bus_release_domain_nr() and also do it before device_unregister().
[mani: reworded subject and description]
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H