Linux Kernel PCI Endpoint Test IRQ Handling Vulnerability

A vulnerability in the Linux kernel's PCI endpoint test driver can lead to a use-after-free error. This issue arises because the driver frees interrupt request (IRQ) lines after the associated device has been removed, creating a race condition. In this window, IRQs can be received while the device's memory has already been released, causing the IRQ handler to access invalid memory and trigger a kernel oops. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a kernel oops, which is a type of error indicating that the kernel has encountered a problem that could lead to a system crash or instability.

Reproduction

To reproduce this vulnerability, load the PCI endpoint test driver and allow it to receive IRQs. Then, remove the device without first freeing the IRQs. This sequence will create a race condition where the IRQ handler can access invalid memory, leading to a kernel oops.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.