Linux Kernel PCI Resource Use-After-Free Vulnerability on s390

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's PCI subsystem for the s390 architecture. It arises when PCI functions are individually hot-unplugged and then re-added, particularly on SR-IOV devices. Resource management for PCI functions does not properly handle the removal and reallocation of memory-mapped I/O resources: when a PCI function is hot-unplugged, its resources are freed, but references to them remain in the PCI bus's resource list. If the function is re-plugged, it can reclaim these stale resources, causing a use-after-free condition.
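
A minimal userspace model of the lifetime error described above, added here as an illustration and not taken from the kernel or its fix. All struct and function names are hypothetical, and the `unlink_first` path is one assumed hardened form (drop the bus's reference before freeing), not the actual patch.

```c
/* Userspace model; every name is hypothetical, none are kernel APIs. A freed
 * resource is flagged, not free()d, so the stale entry can be inspected safely. */
#include <stdbool.h>
#include <stdio.h>
#define MAX_RES 8
struct mmio_res { unsigned long start, end; bool live; };
struct bus { struct mmio_res *res[MAX_RES]; size_t n; };  /* bus resource list */
static struct mmio_res pool[MAX_RES];
static size_t pool_next;  /* slots are never reused in this model */

/* Hot-plug: allocate the function's MMIO resource and link it into the bus list. */
static struct mmio_res *plug(struct bus *b, unsigned long start, unsigned long end)
{
    if (pool_next == MAX_RES || b->n == MAX_RES)
        return NULL;
    struct mmio_res *r = &pool[pool_next++];
    *r = (struct mmio_res){ start, end, true };
    b->res[b->n++] = r;
    return r;
}

/* Hot-unplug. unlink_first=false models the bug: the resource is freed while the
 * bus list still references it. unlink_first=true removes that reference first. */
static void unplug(struct bus *b, struct mmio_res *r, bool unlink_first)
{
    for (size_t i = 0; unlink_first && i < b->n; i++) {
        if (b->res[i] == r) {
            b->res[i] = b->res[--b->n];
            break;
        }
    }
    r->live = false;  /* stands in for freeing the resource */
}

/* Audit: count bus list entries that still reference a freed resource. */
static size_t stale_entries(const struct bus *b)
{
    size_t stale = 0;
    for (size_t i = 0; i < b->n; i++)
        stale += !b->res[i]->live;
    return stale;
}

int main(void)
{
    struct bus bus = {0};
    unplug(&bus, plug(&bus, 0x1000, 0x1fff), false);  /* buggy unplug */
    plug(&bus, 0x1000, 0x1fff);                       /* re-add the function */
    printf("%zu entries, %zu stale\n", bus.n, stale_entries(&bus));
    return 0;
}
```

In the buggy path the re-added function's entry sits next to the stale one, so anything walking the bus list reaches freed memory; with `unlink_first` set, the list holds only the live resource.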

Impact

The use-after-free condition may be exploited to execute arbitrary code or to cause a denial of service by crashing the system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM