CVE-2022-49010 is a vulnerability identified in the Linux kernel's hardware monitoring (hwmon) subsystem, specifically within the coretemp driver responsible for CPU temperature monitoring. The issue arises when the coretemp_add_core() function encounters an error condition. In such cases, the pdata->core_data[indx] pointer is already NULL and has been freed (kfreed). However, the vulnerable code attempts to pass this NULL pointer to sysfs_remove_group(), a kernel function that removes a group of sysfs attributes. Passing a NULL pointer to sysfs_remove_group() leads to a kernel NULL pointer dereference, causing a kernel crash (kernel oops) and potential system instability or denial of service. The vulnerability manifests during CPU offline events, as indicated by kernel logs showing duplicate sysfs filename creation errors and supervisor read access faults. The root cause is the lack of a NULL check before calling sysfs_remove_group(), which has been addressed by adding the necessary NULL pointer validation to prevent the crash. This vulnerability affects Linux kernel versions identified by the commit hash 199e0de7f5df31a4fc485d4aaaf8a07718252ace and potentially other versions with similar code. No known exploits are currently reported in the wild. The vulnerability is a stability and availability issue rather than a direct confidentiality or integrity compromise, but it can cause system crashes and disrupt operations on affected Linux systems running the vulnerable kernel version.

For European organizations, the impact of CVE-2022-49010 primarily concerns system availability and operational stability. Linux is widely used across European enterprises, government agencies, and critical infrastructure for servers, embedded systems, and network devices. A kernel crash triggered by this vulnerability could lead to unexpected system reboots or downtime, affecting services reliant on Linux-based systems. This is particularly critical for sectors such as finance, telecommunications, healthcare, and manufacturing, where high availability is essential. Although the vulnerability does not directly expose sensitive data or allow privilege escalation, repeated crashes or denial of service could disrupt business continuity and lead to financial losses or service degradation. Systems that dynamically manage CPU states or rely heavily on hardware monitoring are more susceptible. Additionally, environments with automated CPU offline/online operations or power management features might trigger the bug more frequently. The absence of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental or malicious triggering of the kernel crash, especially in complex or high-load environments.

To mitigate CVE-2022-49010, European organizations should: 1) Apply the official Linux kernel patch that adds the NULL pointer check before calling sysfs_remove_group() as soon as it becomes available from their Linux distribution vendors or kernel maintainers. 2) Regularly update Linux kernels to the latest stable versions to incorporate security fixes and stability improvements. 3) Monitor kernel logs for symptoms such as duplicate sysfs filename errors or kernel oops related to coretemp during CPU offline events, which may indicate attempts to trigger this vulnerability. 4) Implement robust system monitoring and automated reboot or failover mechanisms to minimize downtime in case of kernel crashes. 5) For critical systems, consider isolating or limiting CPU offline/online operations if feasible, to reduce exposure to the triggering condition until patches are applied. 6) Engage with Linux distribution security advisories and subscribe to vulnerability notifications to stay informed about updates related to this issue. 7) Conduct thorough testing of kernel updates in staging environments before deployment to production to ensure compatibility and stability.