CVE-2022-48635
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/04/2024
Last modified:
29/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
fsdax: Fix infinite loop in dax_iomap_rw()<br />
<br />
I got an infinite loop and a WARNING report when executing a tail command<br />
in virtiofs.<br />
<br />
WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomap_iter+0x3a2/0x3d0<br />
Modules linked in:<br />
CPU: 10 PID: 964 Comm: tail Not tainted 5.19.0-rc7<br />
Call Trace:<br />
<br />
dax_iomap_rw+0xea/0x620<br />
? __this_cpu_preempt_check+0x13/0x20<br />
fuse_dax_read_iter+0x47/0x80<br />
fuse_file_read_iter+0xae/0xd0<br />
new_sync_read+0xfe/0x180<br />
? 0xffffffff81000000<br />
vfs_read+0x14d/0x1a0<br />
ksys_read+0x6d/0xf0<br />
__x64_sys_read+0x1a/0x20<br />
do_syscall_64+0x3b/0x90<br />
entry_SYSCALL_64_after_hwframe+0x63/0xcd<br />
<br />
The tail command will call read() with a count of 0. In this case,<br />
iomap_iter() will report this WARNING, and always return 1 which casuing<br />
the infinite loop in dax_iomap_rw().<br />
<br />
Fixing by checking count whether is 0 in dax_iomap_rw().
Impact
Base Score 3.x
6.20
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15 (including) | 5.15.71 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.19.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.0:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.0:rc6:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/17d9c15c9b9e7fb285f7ac5367dfb5f00ff575e3
- https://git.kernel.org/stable/c/463f36137c40342fb03bba380c1bf703c40d89a6
- https://git.kernel.org/stable/c/60644dffac87b1bb47bdb393aa29d5f2ffcf41a0
- https://git.kernel.org/stable/c/929ef155e1da41c06f4d8ca86ae12b851a83a744
- https://git.kernel.org/stable/c/17d9c15c9b9e7fb285f7ac5367dfb5f00ff575e3
- https://git.kernel.org/stable/c/60644dffac87b1bb47bdb393aa29d5f2ffcf41a0
- https://git.kernel.org/stable/c/929ef155e1da41c06f4d8ca86ae12b851a83a744



