Linux Kernel DAMON Sysfs Mem Leak via damon_call()
CVE-2026-31653 Published on April 24, 2026
mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails
damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow
the kdamond is stopped before the damon_call(). It could happen, for
example, when te damon context was made for monitroing of a virtual
address processes, and the process is terminated immediately, before the
damon_call() invocation. In the case, the dyanmically allocated
repeat_call_control is not deallocated and leaked.
Fix the leak by deallocating the repeat_call_control under the
damon_call() failure.
This issue is discovered by sashiko [1].
Products Associated with CVE-2026-31653
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d and below b9dadf026a9fb681ed32a0646adc10ab485bf3b1 is affected.
- Version 04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d and below 0655f5cf1735508394ef8af98ddcfab3ac1c1cc5 is affected.
- Version 04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d and below 0199390a6b92fc21860e1b858abf525c7e73b956 is affected.
- Version 6.17 is affected.
- Before 6.17 is unaffected.
- Version 6.18.23, <= 6.18.* is unaffected.
- Version 6.19.13, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.