CVE-2026-31457
MEDIUM EPSS 2.2%
Published Apr 22, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Apr 22, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts->nr in repeat_call_fn damon_sysfs_repeat_call_fn() calls damon_sysfs_upd_tuned_intervals(), damon_sysfs_upd_schemes_stats(), and damon_sysfs_upd_schemes_effective_quotas() without checking contexts->nr. If nr_contexts is set to 0 via sysfs while DAMON is running, these functions dereference contexts_arr[0] and cause a NULL pointer dereference. Add the missing check. For example, the issue can be reproduced using DAMON sysfs interface and DAMON user-space tool (damo) [1] like below. $ sudo damo start --refresh_interval 1s $ echo 0 | sudo tee \ /sys/kernel/mm/damon/admin/kdamonds/0/contexts/nr_contexts
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 7
References 3
- git.kernel.org https://git.kernel.org/stable/c/3527e9fdc38570cea0f6ddb7a2c9303d4044b217
- git.kernel.org https://git.kernel.org/stable/c/652cd0641a763dd0e846b0d12814977fadb2b7d8
- git.kernel.org https://git.kernel.org/stable/c/6557004a8b59c7701e695f02be03c7e20ed1cc15
Remediation
- git.kernel.org https://git.kernel.org/stable/c/3527e9fdc38570cea0f6ddb7a2c9303d4044b217
- git.kernel.org https://git.kernel.org/stable/c/652cd0641a763dd0e846b0d12814977fadb2b7d8
- git.kernel.org https://git.kernel.org/stable/c/6557004a8b59c7701e695f02be03c7e20ed1cc15