CVE-2022-49375 is a vulnerability identified in the Linux kernel specifically related to the Real-Time Clock (RTC) driver for the MediaTek MT6397 chipset. The issue arises because the kernel code fails to properly check the return value of the function platform_get_resource(). This function is responsible for retrieving hardware resource information necessary for the driver to operate correctly. If platform_get_resource() returns NULL, indicating that the requested resource is unavailable or not assigned, the driver code proceeds without validation, leading to a null pointer dereference (null-ptr-deref). This results in a kernel crash or system panic, causing a denial of service (DoS) condition. The vulnerability is rooted in insufficient error handling and input validation within the driver code. The affected versions appear to be specific Linux kernel commits identified by the hash fc2979118f3f5193475cb53d5df7bdaa7e358a42, suggesting a narrow window of vulnerability in recent kernel development branches. There are no known exploits in the wild, and no CVSS score has been assigned yet. The fix involves adding proper checks for the return value of platform_get_resource() to prevent dereferencing NULL pointers. This vulnerability affects Linux systems running on hardware platforms using the MT6397 RTC driver, which is typically found in embedded or mobile devices using MediaTek chipsets integrated with Linux kernels.

For European organizations, the primary impact of CVE-2022-49375 is the potential for denial of service on Linux systems utilizing the affected MT6397 RTC driver. This could cause system instability or crashes, particularly in embedded devices, IoT equipment, or specialized hardware running Linux kernels with this driver. While the vulnerability does not directly lead to privilege escalation or data leakage, the disruption of critical systems could affect operational continuity, especially in industrial control systems, telecommunications infrastructure, or other sectors relying on embedded Linux devices. The impact is more pronounced in environments where uptime and reliability are crucial, such as manufacturing plants, smart city infrastructure, or network equipment. Since the vulnerability requires the system to run the specific driver and the problematic kernel version, the scope is limited but non-negligible for organizations deploying MediaTek-based Linux devices. No known exploits reduce immediate risk, but unpatched systems remain vulnerable to crashes triggered by malformed or unexpected hardware resource configurations.

European organizations should take the following specific steps to mitigate this vulnerability: 1) Identify all Linux systems running kernels with the affected MT6397 RTC driver, focusing on embedded devices and MediaTek chipset-based hardware. 2) Apply the official kernel patches or upgrade to a Linux kernel version where the fix for CVE-2022-49375 is included, ensuring platform_get_resource() return values are properly checked. 3) For devices where kernel upgrades are not feasible, consider disabling the MT6397 RTC driver if the hardware allows or isolating vulnerable devices from critical networks to reduce impact. 4) Implement monitoring to detect kernel panics or unexpected reboots that may indicate exploitation attempts or triggering of the null pointer dereference. 5) Collaborate with hardware vendors and Linux distribution maintainers to ensure timely patch deployment and firmware updates. 6) Conduct thorough testing of patched kernels in staging environments before production deployment to avoid regressions. These measures go beyond generic advice by focusing on hardware-specific driver management and proactive system inventory and monitoring.