CVE-2026-52905

NONE EPSS 5.0%
Published Jun 9, 20263w ago · Modified Jun 17, 20262w ago
Find Similar
Published Jun 9, 2026 3w ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_region") introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b ("mm/damon/core: disallow non-power of two min_region_sz") fixed it, but only for damon_commit_ctx() use case. Still, DAMON sysfs interface can emit non-power of two min_region_sz via damon_start(). Fix the path by adding the is_power_of_2() check on damon_start(). The issue was discovered by sashiko [1].

Threat Intelligence

EPSS Exploit Probability
5.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 3

  • git.kernel.org https://git.kernel.org/stable/c/1de2db19a6028abe7d905875922faef5b873de67
  • git.kernel.org https://git.kernel.org/stable/c/89b6226b6c2a4add3939f361653a47c212d6ab75
  • git.kernel.org https://git.kernel.org/stable/c/95093e5cb4c5b50a5b1a4b79f2942b62744bd66a

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.