
CVE-2022-49386: Vulnerability in Linux Linux

Medium
Published: Wed Feb 26 2025 (02/26/2025, 02:11:21 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks

of_get_child_by_name() returns a node pointer with refcount incremented; we should use of_node_put() on it when it is not needed anymore. am65_cpsw_init_cpts() and am65_cpsw_nuss_probe() don't release the refcount in the error case. Add missing of_node_put() to avoid refcount leak.

AI-Powered Analysis

Last updated: 06/30/2025, 06:41:52 UTC

Technical Analysis

CVE-2022-49386 is a vulnerability identified in the Linux kernel specifically related to the Ethernet driver for Texas Instruments AM65 CPSW NUSS hardware. The issue arises from improper reference count management in the kernel's device tree handling functions. The function of_get_child_by_name() returns a node pointer with an incremented reference count, which must be decremented using of_node_put() when the node is no longer needed. However, in the affected Linux kernel versions, the functions am65_cpsw_init_cpts() and am65_cpsw_nuss_probe() fail to release this reference count in error scenarios, leading to a reference count leak. This leak can cause resource exhaustion in the kernel, potentially degrading system stability or causing denial of service conditions if the kernel runs out of memory or other resources due to unreleased references. The vulnerability does not appear to allow direct code execution or privilege escalation but can impact system availability indirectly. No known exploits are currently reported in the wild, and no CVSS score has been assigned. The vulnerability is addressed by adding the missing of_node_put() calls to properly decrement the reference count and prevent leaks.
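The leak pattern described above, reduced to a userspace C model (an added example, not the am65-cpsw-nuss driver source or the upstream patch). The helpers `get_child`, `node_put`, `init_leaky`, `init_fixed`, `leaked_refs` and the node names are constructed for illustration; `step_ret` stands in for whatever later initialization step fails.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* Userspace model, not kernel or driver source: simplified device-tree node. */
struct device_node { const char *name; int refcount; struct device_node *child; };

/* Models of_get_child_by_name(): a matching child comes back with +1 reference. */
static struct device_node *get_child(struct device_node *p, const char *name)
{
    struct device_node *c = p->child;
    if (!c || strcmp(c->name, name) != 0)
        return NULL;
    c->refcount++;
    return c;
}
/* Models of_node_put(): drops one reference, tolerates NULL. */
static void node_put(struct device_node *np) { if (np) np->refcount--; }

/* Leaky shape; step_ret stands in for the result of a later init step. */
static int init_leaky(struct device_node *parent, int step_ret)
{
    struct device_node *node = get_child(parent, "cpts");
    if (!node) return -ENOENT;
    if (step_ret) return step_ret;  /* error return skips the put: leaked */
    node_put(node);
    return 0;
}

/* Fixed shape: the reference is dropped on every path after the lookup. */
static int init_fixed(struct device_node *parent, int step_ret)
{
    struct device_node *node = get_child(parent, "cpts");
    if (!node) return -ENOENT;
    node_put(node);
    return step_ret;
}

/* References left on a constructed child node after n failing init attempts. */
static int leaked_refs(int (*init)(struct device_node *, int), int n)
{
    struct device_node child = { "cpts", 1, NULL }, parent = { "eth", 1, &child };
    for (int i = 0; i < n; i++) init(&parent, -ENODEV);
    return child.refcount - 1;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", leaked_refs(init_leaky, 3), leaked_refs(init_fixed, 3));
    return 0;
}
```

In the model each failing call through the leaky shape leaves one extra reference on the child node, while the fixed shape returns the count to its starting value on both success and failure.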

Potential Impact

For European organizations, the impact of this vulnerability is primarily related to system stability and availability. Organizations running Linux kernels with the affected Ethernet driver on TI AM65 hardware may experience kernel resource exhaustion over time, especially under error conditions or heavy network load, leading to potential system crashes or degraded network performance. This could affect critical infrastructure, industrial control systems, or embedded devices using this hardware. While the vulnerability does not directly compromise confidentiality or integrity, denial of service or system instability can disrupt business operations, cause downtime, and impact service availability. Organizations relying on Linux-based network devices or embedded systems with this driver should be aware of the risk, particularly in sectors such as manufacturing, telecommunications, and energy where TI AM65 hardware might be deployed.

Mitigation Recommendations

To mitigate this vulnerability, organizations should apply the official Linux kernel patches that fix the reference count leak by adding the missing of_node_put() calls in the affected driver functions. If patching is not immediately possible, monitoring system logs and kernel resource usage for signs of reference count leaks or memory exhaustion can help detect potential issues early. Additionally, organizations should ensure that their Linux kernel versions are up to date and avoid running unpatched versions on critical systems using TI AM65 CPSW NUSS Ethernet hardware. For embedded or industrial systems, coordinate with hardware vendors to obtain firmware or kernel updates that incorporate the fix. Implementing robust error handling and system recovery procedures can also reduce the impact of potential kernel instability caused by this vulnerability.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-02-26T02:08:31.560Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d982dc4522896dcbe5893

Added to database: 5/21/2025, 9:09:01 AM

Last enriched: 6/30/2025, 6:41:52 AM

Last updated: 8/3/2025, 12:29:44 PM
