6.2

CVE-2022-48635

fsdax: Fix infinite loop in dax_iomap_rw()

In the Linux kernel, the following vulnerability has been resolved:

fsdax: Fix infinite loop in dax_iomap_rw()

I got an infinite loop and a WARNING report when executing a tail command
in virtiofs.

  WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomap_iter+0x3a2/0x3d0
  Modules linked in:
  CPU: 10 PID: 964 Comm: tail Not tainted 5.19.0-rc7
  Call Trace:
  <TASK>
  dax_iomap_rw+0xea/0x620
  ? __this_cpu_preempt_check+0x13/0x20
  fuse_dax_read_iter+0x47/0x80
  fuse_file_read_iter+0xae/0xd0
  new_sync_read+0xfe/0x180
  ? 0xffffffff81000000
  vfs_read+0x14d/0x1a0
  ksys_read+0x6d/0xf0
  __x64_sys_read+0x1a/0x20
  do_syscall_64+0x3b/0x90
  entry_SYSCALL_64_after_hwframe+0x63/0xcd

The tail command will call read() with a count of 0. In this case,
iomap_iter() will report this WARNING, and always return 1 which casuing
the infinite loop in dax_iomap_rw().

Fixing by checking count whether is 0 in dax_iomap_rw().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 5.15.71
LinuxLinux Kernel Version >= 5.16 < 5.19.12
LinuxLinux Kernel Version6.0 Updaterc1
LinuxLinux Kernel Version6.0 Updaterc2
LinuxLinux Kernel Version6.0 Updaterc3
LinuxLinux Kernel Version6.0 Updaterc4
LinuxLinux Kernel Version6.0 Updaterc5
LinuxLinux Kernel Version6.0 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.14
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://git.kernel.org/stable/c/17d9c15c9b9e7fb285f7ac5367dfb5f00ff575e3
Patch
https://git.kernel.org/stable/c/60644dffac87b1bb47bdb393aa29d5f2ffcf41a0
Patch
https://git.kernel.org/stable/c/929ef155e1da41c06f4d8ca86ae12b851a83a744
Patch
https://git.kernel.org/stable/c/463f36137c40342fb03bba380c1bf703c40d89a6