
CVE-2022-49457: Vulnerability in Linux Linux

Medium
Published: Wed Feb 26 2025 (02/26/2025, 02:13:05 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

ARM: versatile: Add missing of_node_put in dcscb_init

The device_node pointer is returned by of_find_compatible_node with refcount incremented. We should use of_node_put() to avoid the refcount leak.

AI-Powered Analysis

Last updated: 06/30/2025, 07:28:37 UTC

Technical Analysis

CVE-2022-49457 is a vulnerability identified in the Linux kernel specifically affecting the ARM versatile platform code. The issue arises from a missing call to of_node_put() in the dcscb_init function. The device_node pointer is obtained via the of_find_compatible_node() function, which returns a pointer with its reference count incremented. Proper reference counting requires that the caller release the reference by calling of_node_put() once the node is no longer needed. Failure to do so results in a reference count leak, which is a form of resource leak within the kernel. Over time, this leak can lead to increased memory consumption and potential resource exhaustion. While this vulnerability does not directly enable code execution or privilege escalation, it can degrade system stability and availability, particularly in embedded or ARM-based Linux systems where resources may be constrained. The vulnerability is specific to the ARM versatile platform code path in the Linux kernel and has been addressed by adding the missing of_node_put() call to properly decrement the reference count and prevent the leak. There are no known exploits in the wild, and no CVSS score has been assigned to this vulnerability as of the published date.
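As an added illustration (not code from the kernel tree or from this record), the shape of the leak and of its fix, modelled in user space with stub device-tree helpers. The compatible string, the error codes, the of_iomap() step and the helper names are assumptions modelled on typical platform init code, not details taken from the record; the point is that the lookup hands the caller a reference, and every exit after a successful lookup must drop it.

```c
#include <stdbool.h>
#include <string.h>

/* Stand-in for the kernel's struct device_node (the real one holds a kref). */
struct device_node { const char *compatible; int refcount; };

/* Constructed sample node, fake MMIO window and a switch to make of_iomap() fail. */
static struct device_node dcscb_node = { "arm,rtsm,dcscb", 0 };   /* assumed string */
static unsigned char fake_mmio[64];
static bool iomap_should_fail;

/* Models of_find_compatible_node(): success returns the node with one extra
 * reference that the caller owns and must drop via of_node_put(). */
static struct device_node *of_find_compatible_node(const char *compat) {
    if (strcmp(dcscb_node.compatible, compat) != 0) return NULL;
    dcscb_node.refcount++;
    return &dcscb_node;
}

static void of_node_put(struct device_node *np) { if (np) np->refcount--; }

/* Models of_iomap(): reads the node but does not consume the caller's reference. */
static void *of_iomap(struct device_node *np) {
    return (np && !iomap_should_fail) ? (void *)fake_mmio : NULL;
}

/* Shape of the vulnerable path: lookup, map, return. The reference taken by the
 * lookup is never released, neither on the success exit nor on the failure exit. */
static int dcscb_init_leaky(void) {
    struct device_node *node = of_find_compatible_node("arm,rtsm,dcscb");
    if (!node) return -1;                /* -ENODEV in the kernel (assumed) */
    if (!of_iomap(node)) return -2;      /* -EADDRNOTAVAIL in the kernel (assumed) */
    return 0;
}

/* Fixed path: drop the reference as soon as the node is no longer needed, before
 * the mapping result is checked, so every exit leaves the count balanced. */
static int dcscb_init_fixed(void) {
    struct device_node *node = of_find_compatible_node("arm,rtsm,dcscb");
    if (!node) return -1;
    void *base = of_iomap(node);
    of_node_put(node);                   /* the call the CVE-2022-49457 fix adds */
    return base ? 0 : -2;
}

/* Leak check: run an init routine from a clean state and report leftover refs. */
static int leaked_refs_after(int (*init)(void), bool fail_iomap) {
    dcscb_node.refcount = 0;
    iomap_should_fail = fail_iomap;
    init();
    return dcscb_node.refcount;
}
```

The same refcount-after-return check is what a unit test or a kernel audit would look for: a positive leftover count after the init routine returns is the leak, on the success path and on the failure path alike.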

Potential Impact

For European organizations, the impact of CVE-2022-49457 is primarily related to system stability and availability, especially for those deploying ARM-based Linux systems. This includes embedded devices, IoT infrastructure, and specialized ARM servers or development platforms. Organizations relying on such systems may experience gradual degradation of performance or unexpected crashes due to resource exhaustion caused by the reference count leak. While this does not directly compromise confidentiality or integrity, the availability impact could disrupt critical services or industrial control systems that use ARM Linux platforms. Given the increasing adoption of ARM architectures in edge computing and IoT deployments across Europe, the vulnerability could affect sectors such as manufacturing, telecommunications, and smart city infrastructure. However, the risk is mitigated by the fact that exploitation requires the vulnerable code path to be exercised, and no active exploits are known. The vulnerability is less relevant for x86-based Linux servers or desktops, which dominate traditional enterprise environments.

Mitigation Recommendations

European organizations should ensure that all ARM-based Linux kernel deployments are updated to include the patch that adds the missing of_node_put() call in dcscb_init. This involves applying the latest Linux kernel updates from trusted sources or vendor-provided patches for embedded devices. For organizations managing embedded or IoT devices, it is critical to verify the kernel version and platform code to confirm the presence of the fix. Additionally, implement monitoring for unusual memory usage or kernel resource leaks on ARM devices to detect potential exploitation or system degradation early. Where possible, restrict access to ARM Linux devices to trusted users and networks to reduce the risk of triggering the vulnerable code path. For development and testing environments, incorporate static code analysis and kernel auditing tools to identify similar reference counting issues proactively. Finally, maintain an inventory of ARM-based Linux systems to prioritize patching and risk assessment efforts effectively.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-02-26T02:08:31.574Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d982ec4522896dcbe5aac

Added to database: 5/21/2025, 9:09:02 AM

Last enriched: 6/30/2025, 7:28:37 AM

Last updated: 8/15/2025, 7:32:41 AM
