CVE-2022-49319: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49319 affects the Linux kernel's IOMMU/ARM-SMMU-v3 driver. The vulnerability was discovered when it was found that the platform_get_resource() function's return value was not being properly checked, which could lead to a null pointer dereference. The issue affects Linux kernel versions from 5.11 through 5.18.3, 5.16 through 5.17.14, and 5.10 through 5.15.46. This vulnerability was disclosed on February 26, 2025 (NVD).

The vulnerability exists in the ARM SMMU-v3 driver's device probe function where the platform_get_resource() function call's return value was not being validated. This could result in a null pointer dereference if the function returns NULL. The issue has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified as CWE-476 (NULL Pointer Dereference) (NVD).

If exploited, this vulnerability could lead to a system crash due to the null pointer dereference, potentially causing a denial of service condition. The impact is limited to availability with no direct impact on confidentiality or integrity of the system (NVD).

The vulnerability has been patched in the Linux kernel. The fix involves adding a proper check for the return value of platform_get_resource() before its usage. The patch has been applied to multiple kernel versions and is available through various kernel patches (Kernel Patch).