CVE Catalog

CVE-2026-46087

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A memory leak was discovered in the Linux kernel's DAMON/stat mechanism. When damon_start() fails, the DAMON context is not destroyed and the global pointer is not reset, leading to a permanent memory leak.

Risk Assessment

The memory leak can gradually exhaust system resources, potentially causing system instability or denial of service (DoS) after repeated attempts to enable DAMON/stat.

Recommendation

It is recommended to immediately update the Linux kernel to a version containing the fix that destroys the DAMON context on damon_start() failure.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global pointer when damon_start() fails. Otherwise, the context allocated by damon_stat_build_ctx() is leaked, and the stale damon_stat_context pointer will be overwritten on the next enable attempt, making the old allocation permanently unreachable.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS