CVE-2022-49867 is a vulnerability identified in the Linux kernel's IOSM (IP Multimedia Subsystem Operating System Module) driver, specifically within the wwan (Wireless Wide Area Network) networking component. The issue arises because the IOSM driver registers a network device without setting the 'needs_free_netdev' flag. Consequently, when the network device is unregistered, the kernel does not invoke the 'free_netdev()' function to free the allocated memory. This leads to a memory leak within the kernel's networking subsystem. The vulnerability was addressed by modifying the IOSM driver to set the 'needs_free_netdev' flag to true during network device registration. This change ensures that the kernel's network device subsystem automatically calls 'free_netdev()' after 'unregister_netdevice()', thereby properly releasing the allocated memory and preventing the leak. While the vulnerability does not directly allow code execution or privilege escalation, the memory leak can degrade system stability over time, potentially leading to resource exhaustion and denial of service (DoS) conditions on affected systems. The affected versions appear to be specific Linux kernel commits or builds, indicating that this is a low-level kernel bug rather than an issue in user-space applications. No known exploits are reported in the wild, and no CVSS score has been assigned yet.

For European organizations relying on Linux-based systems, especially those using cellular or wireless WAN interfaces managed by the IOSM driver, this vulnerability could lead to gradual memory exhaustion on critical infrastructure devices such as routers, gateways, or embedded systems. Over time, this may cause system instability, degraded network performance, or unexpected reboots, impacting availability of network services. Organizations with large-scale deployments of Linux-based network equipment or IoT devices that utilize the affected driver are at higher risk. Although the vulnerability does not directly compromise confidentiality or integrity, the availability impact can disrupt business operations, particularly in sectors dependent on continuous network connectivity such as telecommunications, finance, healthcare, and manufacturing. The absence of known exploits reduces immediate risk, but unpatched systems remain vulnerable to potential future exploitation or accidental resource depletion.

To mitigate this vulnerability, European organizations should promptly apply the official Linux kernel patches that set the 'needs_free_netdev' flag correctly in the IOSM driver. Kernel updates should be prioritized on devices that utilize the wwan IOSM driver, including embedded systems and network appliances. Network administrators should audit their environments to identify systems running affected kernel versions and plan for timely patch deployment. Additionally, monitoring system memory usage and kernel logs for anomalies related to network device registration and unregistration can help detect potential exploitation or memory leaks. For environments where immediate patching is not feasible, implementing resource limits or watchdog timers to automatically recover from system instability may reduce downtime. Vendors providing Linux-based network equipment should be engaged to ensure firmware updates incorporate the fix. Finally, maintaining an up-to-date inventory of Linux kernel versions in use and subscribing to security advisories will aid in proactive vulnerability management.