CVE-2022-49670 is a vulnerability identified in the Linux kernel, specifically within the RDMA (Remote Direct Memory Access) DIM (Dynamic Interrupt Moderation) subsystem. The issue arises from a divide-by-zero error in the function rdma_dim_stats_compare(), which occurs when the previous cpe_ratio value is zero. This flaw can cause a kernel panic or system crash due to an unhandled arithmetic exception. The vulnerability is located in the mlx_compat module, which is related to Mellanox device compatibility layers for RDMA. The provided call trace indicates that the error occurs during interrupt handling routines, specifically within the ib_poll_handler and irq_poll_softirq functions. This suggests that the vulnerability could be triggered during RDMA network traffic processing or interrupt moderation activities. The root cause is a missing check for zero before performing a division operation, leading to a critical runtime error. The vulnerability affects specific Linux kernel versions identified by the commit hashes listed, which appear to be backported patches or specific kernel snapshots. No CVSS score has been assigned, and there are no known exploits in the wild at the time of publication. The vulnerability was published on February 26, 2025, and is classified as a kernel-level vulnerability affecting core networking and hardware interaction components.

For European organizations, this vulnerability poses a risk primarily to servers and infrastructure utilizing Linux kernels with RDMA capabilities, especially those using Mellanox hardware or compatible drivers. RDMA is commonly employed in high-performance computing, data centers, and enterprise storage networks to enable low-latency, high-throughput communication. A successful exploitation could lead to denial of service (DoS) conditions by crashing affected systems, potentially disrupting critical services and applications relying on RDMA networking. While there is no indication that this vulnerability allows privilege escalation or remote code execution, the resulting system instability could impact availability and operational continuity. Organizations in sectors such as finance, telecommunications, research institutions, and cloud service providers that rely on RDMA-enabled Linux servers may experience service interruptions or degraded performance. The lack of known exploits suggests a low immediate threat, but the kernel-level nature of the flaw means that once exploited, recovery may require system reboots and patching, which could be operationally costly. Confidentiality and integrity impacts are minimal based on current information, but availability impact is moderate to high depending on the criticality of affected systems.

To mitigate this vulnerability, European organizations should: 1) Identify and inventory Linux systems running kernels with RDMA support, particularly those using Mellanox or mlx_compat drivers. 2) Apply the official Linux kernel patches or updates that fix the divide-by-zero error as soon as they become available from trusted sources or Linux distributions. 3) If immediate patching is not possible, consider disabling RDMA features or the mlx_compat module temporarily to prevent triggering the vulnerability. 4) Monitor system logs and kernel messages for signs of crashes or kernel panics related to RDMA interrupt handling. 5) Implement robust system monitoring and alerting to detect unexpected reboots or service disruptions. 6) Coordinate with hardware vendors for firmware or driver updates that may address related issues. 7) Test patches in staging environments to ensure stability before wide deployment. 8) Maintain up-to-date backups and recovery procedures to minimize downtime in case of exploitation. These steps go beyond generic advice by focusing on RDMA-specific components and operational controls tailored to affected environments.