Meanwhile we have:
waiting to be fixed in -stable, which is trivially exploitable.
That's an exploit I'd like to see. So far as I can tell this bug occurs during hardware init,
which for a conventional PCI setup will occur during boot or coldplug. If your hardware is
affected, you should see the kernel try to dereference the NULL pointer at that point,
otherwise, not at all.
Looking at a few examples, this PCI device doesn't seem to come in a hotplug form factor, so a
hotplug exploit will require that you manufacture hardware for the purpose. Few people would
call that "trivial".
Attacking thus during kernel boot is an "airtight hatchway" trick: it gets you privileges to
do something you could already do, and thus isn't a security impact. Coldboot is little
better: you're in userspace, but you're root, and even in quite locked-down scenarios the root
processes doing coldboot are unrestricted, so it's back to the "airtight hatchway".