CVE-2022-49670

5.5 MEDIUM

📋 TL;DR

A divide-by-zero vulnerability in the Linux kernel's RDMA DIM (Dynamic Interrupt Moderation) component can cause kernel panics and system crashes when processing certain network traffic. This affects systems using RDMA (Remote Direct Memory Access) with vulnerable kernel versions, particularly those with Mellanox network hardware.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable kernel versions between the introduction of the bug and its fix; check kernel commit history for exact range.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when RDMA is enabled and in use, typically with compatible hardware like Mellanox network adapters.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially disrupting critical services and requiring physical or remote reboot.

🟠 Likely Case

System crash or instability when RDMA traffic triggers the divide-by-zero condition, causing service interruptions.

🟢 If Mitigated

No impact if patched or if RDMA is not enabled/used on the system.

🌐 Internet-Facing: LOW - Requires RDMA traffic which is typically internal or within data center networks.
🏢 Internal Only: MEDIUM - RDMA is commonly used in high-performance computing and storage clusters within data centers.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires ability to send RDMA traffic to trigger the condition; likely requires network access to RDMA-enabled interfaces.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commit 0b6e0eb5c45e79e9095de2498cc0ca5ec563fc5e or later fixes

Vendor Advisory: https://git.kernel.org/stable/c/0b6e0eb5c45e79e9095de2498cc0ca5ec563fc5e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution.
2. For custom kernels, apply the fix commit.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable RDMA

linux

Disable RDMA functionality if not required, preventing the vulnerable code path.

modprobe -r rdma_cm
modprobe -r ib_core
echo 'blacklist rdma_cm' >> /etc/modprobe.d/blacklist.conf
echo 'blacklist ib_core' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Disable RDMA on affected systems if not essential for operations.
  • Implement network segmentation to restrict RDMA traffic to trusted sources only.

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if RDMA modules are loaded: 'uname -r' and 'lsmod | grep -E "(rdma|ib_)"'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched and system remains stable under RDMA load.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/messages or dmesg
  • 'divide error' or similar arithmetic exception in kernel logs
  • System crash/reboot events

Network Indicators:

  • Unusual RDMA traffic patterns that might trigger the condition

SIEM Query:

source="kernel" AND ("divide by zero" OR "divide error" OR "panic")
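
The module check and log indicators above combined into one script, as an added example that is not part of the original advisory; the function names and the sample lsmod and kernel-log lines are constructed for illustration. It reports only whether RDMA modules are loaded and whether a matching log line exists, so the running kernel version still has to be compared against your distribution's fixed build.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, sample data is constructed.

# Read lsmod-style text on stdin; print loaded modules matching the
# page's pattern (rdma|ib_). Built-in (non-module) RDMA is not visible here.
rdma_modules_loaded() {
    awk '$1 != "Module" && $1 ~ /rdma|ib_/ { print $1 }'
}

# Read kernel log text on stdin; print how many lines match the
# page's log indicators. grep -c exits 1 on zero matches, hence "|| true".
count_divide_events() {
    grep -c -i -E 'divide error|divide by zero|panic' || true
}

# $1 = file with lsmod output, $2 = file with kernel log text.
# Prints: rdma-not-loaded | rdma-loaded | rdma-loaded-divide-error-logged
assess() {
    mods=$(rdma_modules_loaded < "$1")
    if [ -z "$mods" ]; then
        echo "rdma-not-loaded"
        return 0
    fi
    hits=$(count_divide_events < "$2")
    if [ "$hits" -gt 0 ]; then
        echo "rdma-loaded-divide-error-logged"
    else
        echo "rdma-loaded"
    fi
}

# Constructed sample input; on a live host use:
#   lsmod > mods.txt; dmesg > klog.txt; assess mods.txt klog.txt
demo() {
    tmp=$(mktemp -d)
    cat > "$tmp/lsmod.txt" <<'EOF'
Module                  Size  Used by
rdma_cm               122880  0
ib_core               409600  1 rdma_cm
ext4                  800000  2
EOF
    cat > "$tmp/kern.log" <<'EOF'
[  812.440101] divide error: 0000 [#1] SMP
[  812.440190] Kernel panic - not syncing: Fatal exception
EOF
    assess "$tmp/lsmod.txt" "$tmp/kern.log"
    rm -rf "$tmp"
}
```
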
