VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Apr 24, 2026· Updated Apr 27, 2026

CVE-2026-31653

CVE-2026-31653

Description

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails

damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow the kdamond is stopped before the damon_call(). It could happen, for example, when te damon context was made for monitroing of a virtual address processes, and the process is terminated immediately, before the damon_call() invocation. In the case, the dyanmically allocated repeat_call_control is not deallocated and leaked.

Fix the leak by deallocating the repeat_call_control under the damon_call() failure.

This issue is discovered by sashiko [1].

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory leak in the Linux kernel's DAMON sysfs interface occurs when damon_call() fails for a dynamically allocated repeat_call_control, potentially leading to resource exhaustion.

Vulnerability

Description

In the Linux kernel's DAMON sysfs interface, a memory leak exists when the damon_call() function fails for a dynamically allocated repeat_call_control structure. The failure can happen if the kdamond is stopped before the damon_call() invocation, for example, when the monitored process terminates immediately [1]. Under such conditions, the allocated memory is not freed, causing a leak.

Exploitation

Scenario

An attacker with the ability to trigger the creation and immediate termination of memory-monitoring contexts (e.g., via specific process lifecycle operations) can cause repeated allocations of repeat_call_control that are never deallocated. This does not require special privileges beyond those needed to set up DAMON monitoring, which may be available to unprivileged users depending on system configuration.

Impact

The primary impact is a memory leak that, if repeatedly triggered, could exhaust system memory and lead to denial of service. The leak does not directly allow code execution or privilege escalation.

Mitigation

The fix was applied in the Linux kernel stable tree [1]. Users should update to a kernel version containing the commit that deallocates repeat_call_control when damon_call() fails. There are no known workarounds other than applying the patch.

References
  1. Making sure you're not a bot!

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

9
  • Linux/Kernel9 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.17.1,<6.18.23
    • cpe:2.3:o:linux:linux_kernel:6.17:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.