CVE-2022-49668: Vulnerability in the Linux kernel
In the Linux kernel, the following vulnerability has been resolved:

PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events

of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. This function only calls of_node_put() in normal path, missing it in error paths. Add missing of_node_put() to avoid refcount leak.
AI Analysis
Technical Summary
CVE-2022-49668 is a vulnerability in the Linux kernel's devfreq subsystem, specifically in the exynos-ppmu driver (drivers/devfreq/event/exynos-ppmu.c), the devfreq-event driver for the Platform Performance Monitoring Unit (PPMU) on Samsung Exynos SoCs. The PPMU supplies the bus-utilisation counters that devfreq uses to make dynamic frequency scaling decisions. The defect is a reference-count leak in of_get_devfreq_events(), the routine that parses the driver's "events" child node out of the device tree. of_get_child_by_name() returns a device_node pointer whose reference count has already been incremented, and the caller must release that reference with of_node_put() once it is done with the node. The vulnerable code did so only on the success path; on the error paths after the node had been obtained (for example when a memory allocation fails) the function returned early and the reference was never dropped. Because of_get_devfreq_events() runs during driver probe, each failed probe leaks exactly one reference to the "events" node, which then can never be released; the leak is bounded by the number of probe attempts, not by anything user space can feed the driver. The consequence is therefore a small, permanent kernel resource leak, not code execution or privilege escalation, and it is relevant only to kernels built with the exynos-ppmu driver running on Exynos hardware. The fix adds the missing of_node_put() calls to the error paths so the reference count is balanced on every exit. No exploits are known in the wild, and no CVSS score has been assigned.
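The ownership rule described above, shown as an added user-space model rather than the kernel's own code: struct device_node, of_get_child_by_name() and of_node_put() below are assumed stand-ins that keep the kernel's contract (the getter hands out one reference, the caller must put it on every exit path), fail_alloc stands in for devm_kcalloc() returning NULL, and the constructed tree starts its refcounts at 0 so a balanced function leaves them at 0. get_events_leaky() has the shape of the vulnerable function and get_events_fixed() the shape after the fix.

```c
/*
 * Added example (not kernel code): user-space model of the device-node
 * refcount leak that CVE-2022-49668 fixed in of_get_devfreq_events().
 * The of_* helpers are stand-ins, not the kernel implementations.
 */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

struct device_node {
	const char *name;
	int refcount;                 /* models the node's kobject refcount */
	struct device_node *child;    /* first child node */
	struct device_node *sibling;  /* next sibling node */
};

static bool fail_alloc;           /* assumed knob: force the -ENOMEM path */

/* Model of of_get_child_by_name(): the returned node carries +1 refcount. */
static struct device_node *of_get_child_by_name(struct device_node *np,
						const char *name)
{
	struct device_node *c;

	for (c = np->child; c; c = c->sibling) {
		if (strcmp(c->name, name) == 0) {
			c->refcount++;
			return c;
		}
	}
	return NULL;
}

/* Model of of_node_put(): drops the reference taken by the getter. */
static void of_node_put(struct device_node *np)
{
	if (np)
		np->refcount--;
}

/* Vulnerable shape: of_node_put() is reached only on the success path. */
static int get_events_leaky(struct device_node *np)
{
	struct device_node *events_np = of_get_child_by_name(np, "events");

	if (!events_np)
		return -EINVAL;   /* no reference taken, nothing to put */
	if (fail_alloc)
		return -ENOMEM;   /* BUG: the reference on events_np leaks */

	of_node_put(events_np);
	return 0;
}

/* Fixed shape: every exit after a successful get drops the reference. */
static int get_events_fixed(struct device_node *np)
{
	struct device_node *events_np = of_get_child_by_name(np, "events");

	if (!events_np)
		return -EINVAL;
	if (fail_alloc) {
		of_node_put(events_np);   /* the call the fix adds */
		return -ENOMEM;
	}

	of_node_put(events_np);
	return 0;
}

typedef int (*events_parser)(struct device_node *);

/* Run one probe attempt over a constructed tree (ppmu -> events -> event0),
 * with or without a forced allocation failure, and return the refcount left
 * on "events": 0 means balanced, 1 means one reference leaked. */
static int refcount_after(events_parser parser, bool force_fail)
{
	struct device_node ev0 = { .name = "ppmu-event0" };
	struct device_node events = { .name = "events", .child = &ev0 };
	struct device_node ppmu = { .name = "ppmu", .child = &events };

	fail_alloc = force_fail;
	(void)parser(&ppmu);   /* returns -ENOMEM when force_fail is set */
	fail_alloc = false;
	return events.refcount;
}

int main(void)
{
	printf("leaky parser, probe error: refcount left = %d\n",
	       refcount_after(get_events_leaky, true));
	printf("fixed parser, probe error: refcount left = %d\n",
	       refcount_after(get_events_fixed, true));
	printf("fixed parser, success:     refcount left = %d\n",
	       refcount_after(get_events_fixed, false));
	return 0;
}
```

The harness is the check a reviewer would want for any of_get_*() caller: run the function down each error path and assert the node's refcount is back where it started. In the kernel the same idea is mechanised by static checkers that flag a of_get_child_by_name() result that is not put on every return, which is how this class of bug is normally found.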
Potential Impact
For European organizations, the impact of CVE-2022-49668 is confined to availability; confidentiality and integrity are not affected. The exposed population is narrow: Linux systems on Samsung Exynos SoCs whose kernel builds and binds the exynos-ppmu devfreq-event driver, which in practice means some embedded, mobile and industrial devices rather than servers or workstations. Even on those devices the leak occurs only when the driver's probe fails while parsing its device-tree node, and each failed probe leaks a single device_node reference. There is no interface through which an unprivileged local user or a remote party can drive that path; only root, by manually unbinding and rebinding the driver through sysfs, could repeat it, and root can already do far more damage directly. An attacker-driven denial of service through this bug is therefore not a realistic scenario, and the practical effect is that a small kernel object is never freed on a board whose driver was already failing to probe. European enterprises with embedded Linux fleets in telecommunications, manufacturing or IoT should still pick up the fix as part of routine kernel maintenance, but the overall impact is limited given the narrow scope and the absence of any user-reachable trigger.
Mitigation Recommendations
To mitigate CVE-2022-49668, apply the kernel update that carries the upstream fix ("PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events"); for embedded and mobile devices this normally means taking the vendor's or distribution's next stable kernel, and the distribution advisory will name the specific release that includes it. Before that, establish whether a device is in scope at all: the driver is only present when the kernel was built with CONFIG_DEVFREQ_EVENT_EXYNOS_PPMU (check /proc/config.gz or the distribution's config file for the running kernel), and it is only bound when the device tree contains a node compatible with samsung,exynos-ppmu or samsung,exynos-ppmu-v2 (visible under /proc/device-tree). Devices that fail either test are not affected and need no special action. Where patching must wait, the useful interim signal is the probe failure itself: the driver core logs a failed probe for the exynos-ppmu device, and that is the only condition under which the leak occurs, so a clean boot log means no reference has been leaked. Generic monitoring for kernel memory growth is unlikely to show anything, since each failed probe leaks one small object. Kernel live patching can reduce downtime where the platform supports it, and inventorying Exynos-based devices with the driver enabled allows the kernel update to be scheduled with the rest of the fleet's maintenance.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-02-26T02:21:30.436Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d982cc4522896dcbe47a1
Added to database: 5/21/2025, 9:09:00 AM
Last enriched: 6/29/2025, 11:56:43 PM
Last updated: 8/13/2025, 12:45:00 PM
Related Threats
- CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
- CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)
- CVE-2025-54759: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)