
CVE-2022-48635: Vulnerability in Linux Linux

Medium
Published: Sun Apr 28 2024 (04/28/2024, 12:59:24 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

fsdax: Fix infinite loop in dax_iomap_rw()

I got an infinite loop and a WARNING report when executing a tail command in virtiofs.

  WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomap_iter+0x3a2/0x3d0
  Modules linked in:
  CPU: 10 PID: 964 Comm: tail Not tainted 5.19.0-rc7
  Call Trace:
  <TASK>
  dax_iomap_rw+0xea/0x620
  ? __this_cpu_preempt_check+0x13/0x20
  fuse_dax_read_iter+0x47/0x80
  fuse_file_read_iter+0xae/0xd0
  new_sync_read+0xfe/0x180
  ? 0xffffffff81000000
  vfs_read+0x14d/0x1a0
  ksys_read+0x6d/0xf0
  __x64_sys_read+0x1a/0x20
  do_syscall_64+0x3b/0x90
  entry_SYSCALL_64_after_hwframe+0x63/0xcd

The tail command will call read() with a count of 0. In this case, iomap_iter() will report this WARNING, and always return 1, which causes the infinite loop in dax_iomap_rw().

Fix this by checking whether count is 0 in dax_iomap_rw().

AI-Powered Analysis

Last updated: 06/30/2025, 17:56:10 UTC

Technical Analysis

CVE-2022-48635 is a medium-severity vulnerability in the Linux kernel affecting the fsdax subsystem, specifically in the dax_iomap_rw() function. The flaw manifests as an infinite loop triggered when the read() system call is invoked with a count of zero, such as when using the 'tail' command on virtiofs. Internally, iomap_iter() incorrectly returns 1 when the count is zero, causing dax_iomap_rw() to loop indefinitely. This results in a kernel WARNING (reported at fs/iomap/iter.c:34 in the trace above) and potential CPU resource exhaustion. The vulnerability stems from improper handling of zero-length reads in the dax_iomap_rw() function, violating expected iteration behavior. The fix adds a check for a zero count in dax_iomap_rw(), preventing the infinite loop.

The vulnerability is classified under CWE-835 (Loop with Unreachable Exit Condition) and has a CVSS 3.1 base score of 6.2, indicating a medium severity with local attack vector, low complexity, no privileges required, no user interaction, unchanged scope, and impact limited to availability (denial of service). No known exploits are currently reported in the wild. The affected Linux kernel versions include the commit identified by ca289e0b95afa973d204c77a4ad5c37e06145fbf and likely other versions prior to the patch. This vulnerability primarily impacts systems using the fsdax and virtiofs features, which are relevant in environments leveraging persistent memory and virtualized file systems, respectively.
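
The loop shape described above, as a user-space C model added here for illustration; it is not the kernel's code. The names model_iter, model_iter_step, model_rw and MAX_ROUNDS are hypothetical, and the 4096-byte mapping cap and the rule that completion is only tested after a non-empty mapping are assumptions of the model.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space model (assumption), not kernel code. */
struct model_iter {
    size_t len;        /* bytes still requested by the caller */
    size_t map_len;    /* length of the current mapping, 0 before the first */
    size_t processed;  /* bytes the loop body handled in the last round */
};
#define MAX_ROUNDS 1000  /* guard so the model itself cannot hang */

/* Returns 1 while the caller should run another round, 0 when finished.
 * Completion is only evaluated after a non-empty mapping was handed out. */
static int model_iter_step(struct model_iter *it)
{
    if (it->map_len) {
        it->len -= it->processed;
        if (it->len == 0)
            return 0;
    }
    /* "begin": map what is still requested, capped at 4096 bytes */
    it->map_len = it->len < 4096 ? it->len : 4096;
    it->processed = 0;
    return 1;
}

/* Returns the number of rounds executed, or -1 if the guard tripped. */
static long model_rw(size_t count, int check_zero)
{
    struct model_iter it = { .len = count };
    long rounds = 0;

    if (check_zero && count == 0)    /* the fix: bail out on a zero count */
        return 0;
    while (model_iter_step(&it) > 0) {
        it.processed = it.map_len;   /* loop body consumes the whole mapping */
        if (++rounds >= MAX_ROUNDS)
            return -1;               /* never made progress: CWE-835 */
    }
    return rounds;
}

int main(void)
{
    printf("count=10000 unfixed: %ld\n", model_rw(10000, 0));
    printf("count=0     unfixed: %ld\n", model_rw(0, 0));
    printf("count=0     fixed:   %ld\n", model_rw(0, 1));
    return 0;
}
```

With a zero count the step function never sees a non-empty mapping, so the only exit from the loop is the early return that the zero-count check provides.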

Potential Impact

For European organizations, the impact of CVE-2022-48635 centers on potential denial-of-service conditions on Linux systems utilizing fsdax and virtiofs. Such systems are often found in data centers, cloud infrastructure, and virtualization platforms that employ persistent memory technologies or advanced file system features. An infinite loop in kernel space can lead to CPU resource exhaustion, degraded system performance, or crashes, potentially disrupting critical services. While the vulnerability does not compromise confidentiality or integrity, availability impacts could affect high-availability environments, financial services, telecommunications, and public sector infrastructure relying on Linux-based virtualization. The local attack vector and absence of required privileges limit exploitation to users or processes with local access, reducing remote attack risks but increasing concerns in multi-tenant or shared environments. European organizations with virtualized workloads or persistent memory deployments should assess exposure, as denial-of-service conditions could lead to operational downtime and associated financial or reputational damage.

Mitigation Recommendations

To mitigate CVE-2022-48635, European organizations should:

1) Apply the latest Linux kernel patches that include the fix for the infinite loop in dax_iomap_rw(), ensuring kernel versions are updated beyond the commit ca289e0b95afa973d204c77a4ad5c37e06145fbf.
2) Audit systems for usage of fsdax and virtiofs features, particularly in virtualized or persistent memory environments, to identify potentially vulnerable hosts.
3) Limit local user access to trusted personnel and processes, as exploitation requires local interaction with the read() syscall on affected filesystems.
4) Implement monitoring for unusual CPU usage or kernel warnings related to iomap_iter or dax_iomap_rw to detect potential exploitation attempts or system instability.
5) In environments where immediate patching is not feasible, consider disabling fsdax or virtiofs features if not critical to operations, to reduce attack surface.
6) Incorporate this vulnerability into incident response and vulnerability management workflows to ensure timely detection and remediation.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-02-25T13:44:28.315Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682d982ec4522896dcbe5d2d

Added to database: 5/21/2025, 9:09:02 AM

Last enriched: 6/30/2025, 5:56:10 PM

Last updated: 7/25/2025, 11:11:07 AM
