Linux Kernel PCI Designware Endpoint Vulnerability in BAR Size/Flags Management

Vulnerability

A vulnerability in the Linux kernel's PCI Designware endpoint management has been addressed. The issue involved the 'pci_epc_set_bar()' function, which was modified to allow dynamic changes to the physical address of a Base Address Register (BAR) that had already been configured. This change created a potential risk, as 'set_bar()' could be called multiple times without clearing the BAR's PCI address, leading to improper memory access. The vulnerability has been resolved by adding checks to prevent unauthorized changes to BAR size and flags, ensuring that memory access remains within the correct boundaries.

Impact

Exploitation of this vulnerability could allow the host to read memory outside the intended range, potentially leading to unauthorized access to sensitive data or causing memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.2

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.2

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PCI Designware Endpoint Vulnerability in BAR Size/Flags Management

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating