CVE-2026-31653

Published: Apr 24, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow the kdamond is stopped before the damon_call(). It could happen, for example, when te damon context was made for monitroing of a virtual address processes, and the process is terminated immediately, before the damon_call() invocation. In the case, the dyanmically allocated repeat_call_control is not deallocated and leaked. Fix the leak by deallocating the repeat_call_control under the damon_call() failure. This issue is discovered by sashiko [1].

Vendor	Product	Versions
Linux	Linux	affected `04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d - < b9dadf026a9fb681ed32a0646adc10ab485bf3b1` affected `04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d - < 0655f5cf1735508394ef8af98ddcfab3ac1c1cc5` affected `04a06b139ec08aa63d7377f6d3e5218f8ddb1c5d - < 0199390a6b92fc21860e1b858abf525c7e73b956`
Linux	Linux	affected `6.17` unaffected `0 - < 6.17` unaffected `6.18.23 - <= 6.18.` unaffected `6.19.13 - <= 6.19.` unaffected `7.0 - <= *`

References

https://git.kernel.org/stable/c/b9dadf026a9fb681ed32a0646adc10ab485bf3b1

https://git.kernel.org/stable/c/0655f5cf1735508394ef8af98ddcfab3ac1c1cc5

https://git.kernel.org/stable/c/0199390a6b92fc21860e1b858abf525c7e73b956

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31653

Description

Affected Products

References