Unrated severity · NVD Advisory · Published Dec 4, 2025 · Updated Apr 15, 2026

CVE-2025-40227

Description

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs: dealloc commit test ctx always

The damon_ctx for testing online DAMON parameters commit inputs is deallocated only when the test fails. This means memory is leaked for every successful online DAMON parameters commit. Fix the leak by always deallocating it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel, a memory leak in mm/damon/sysfs fails to deallocate a DAMON context after a successful online parameter commit.

Vulnerability

A memory leak exists in the Linux kernel's DAMON (Data Access Monitoring) subsystem, in its sysfs interface. To test the inputs of an online parameters commit, a temporary DAMON context (damon_ctx) is allocated. This context is deallocated only if the commit test fails, so it stays allocated indefinitely after every successful commit [1][2].

Attack

Vector and Prerequisites

This vulnerability is specific to the kernel's sysfs interface for DAMON, which is typically accessible only to privileged users (root). An attacker with local root access could trigger repeated successful online parameter commits to exhaust system memory, leading to a denial-of-service condition. No other authentication or network access is required.

Impact

An attacker with sufficient privileges can cause a memory leak that may lead to memory exhaustion and system instability, potentially rendering the system unusable. The vulnerability has a CVSS score that reflects its local, low-complexity nature.

Mitigation

The fix, committed to the Linux kernel stable tree, ensures the test DAMON context is always deallocated, regardless of whether the commit test succeeds or fails. Users should apply kernel updates to incorporate this fix [1][2].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

  • Linux/Kernel (inferred): 2 versions, no CPE

Patches

2

Vulnerability mechanics

Root cause

"A memory leak occurs because the `damon_ctx` structure is not deallocated after successful online DAMON parameter commit tests."

Attack vector

An attacker can trigger this memory leak by repeatedly performing successful online DAMON parameter commits via the sysfs interface. Each successful commit operation fails to deallocate the `damon_ctx` structure used for testing, leading to a cumulative consumption of kernel memory. This behavior constitutes a resource exhaustion vulnerability [patch_id=11174, patch_id=11175].

Affected code

The vulnerability exists within the `mm/damon/sysfs` component of the Linux kernel. Specifically, the logic responsible for testing online DAMON parameter commits fails to properly manage memory allocation for the `damon_ctx` structure [patch_id=11174, patch_id=11175].

What the fix does

The patch modifies the code to ensure that the `damon_ctx` structure is deallocated regardless of whether the online DAMON parameter commit test succeeds or fails [patch_id=11174, patch_id=11175]. Previously, the deallocation only occurred upon test failure, causing a leak during successful operations. This change ensures proper memory lifecycle management and prevents the identified resource leak.
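
The before/after pattern described above, modeled in user-space C as an added example: it is not the kernel patch or any code from the kernel tree, and every name in it (`ctx_new`, `ctx_apply`, `commit_leaky`, `commit_fixed`, `leaked_after`) is hypothetical. A counter of live allocations shows that the leak appears only on successful commits and disappears once the scratch context is released on a single exit path.

```c
/* User-space model of the leak pattern, not kernel code; names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
struct ctx { int sample_us; };
static long live_ctx;   /* contexts allocated and not yet freed */
static struct ctx *ctx_new(void) {
    struct ctx *c = calloc(1, sizeof(*c));
    if (c) live_ctx++;
    return c;
}
static void ctx_free(struct ctx *c) { free(c); live_ctx--; }
/* Apply parameters to a context; non-positive intervals are rejected. */
static int ctx_apply(struct ctx *dst, int sample_us) {
    if (sample_us <= 0) return -1;
    dst->sample_us = sample_us;
    return 0;
}

/* Before: the scratch context is released only on the failure path. */
static int commit_leaky(struct ctx *running, int sample_us) {
    struct ctx *test = ctx_new();
    if (!test) return -1;
    int err = ctx_apply(test, sample_us);
    if (err) { ctx_free(test); return err; }
    return ctx_apply(running, sample_us);   /* test is never freed */
}

/* After: one exit path that always releases the scratch context. */
static int commit_fixed(struct ctx *running, int sample_us) {
    struct ctx *test = ctx_new();
    if (!test) return -1;
    int err = ctx_apply(test, sample_us);
    if (!err) err = ctx_apply(running, sample_us);
    ctx_free(test);
    return err;
}

/* Run n commits; return how many scratch contexts are still allocated. */
static long leaked_after(int (*commit)(struct ctx *, int), int n, int us) {
    struct ctx running = {0};
    long before = live_ctx;
    for (int i = 0; i < n; i++) commit(&running, us);
    return live_ctx - before;
}
int main(void) {
    printf("leaky: %ld\n", leaked_after(commit_leaky, 1000, 5000));
    printf("fixed: %ld\n", leaked_after(commit_fixed, 1000, 5000));
    return 0;
}
```

The same live-object accounting is what a leak detector such as kmemleak reports on a real kernel: objects that remain allocated with no remaining reference after the operation returns.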

Preconditions

  • config: The system must have the DAMON sysfs interface enabled and accessible.

Generated on May 11, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

2
