CVE-2026-31653
MEDIUM EPSS 1.7%
Published Apr 24, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Apr 24, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow the kdamond is stopped before the damon_call(). It could happen, for example, when te damon context was made for monitroing of a virtual address processes, and the process is terminated immediately, before the damon_call() invocation. In the case, the dyanmically allocated repeat_call_control is not deallocated and leaked. Fix the leak by deallocating the repeat_call_control under the damon_call() failure. This issue is discovered by sashiko [1].
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
1.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 10
References 3
- git.kernel.org https://git.kernel.org/stable/c/0199390a6b92fc21860e1b858abf525c7e73b956
- git.kernel.org https://git.kernel.org/stable/c/0655f5cf1735508394ef8af98ddcfab3ac1c1cc5
- git.kernel.org https://git.kernel.org/stable/c/b9dadf026a9fb681ed32a0646adc10ab485bf3b1
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0199390a6b92fc21860e1b858abf525c7e73b956
- git.kernel.org https://git.kernel.org/stable/c/0655f5cf1735508394ef8af98ddcfab3ac1c1cc5
- git.kernel.org https://git.kernel.org/stable/c/b9dadf026a9fb681ed32a0646adc10ab485bf3b1