CVE-2026-46087
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A memory leak was discovered in the Linux kernel's DAMON/stat mechanism. When damon_start() fails, the DAMON context is not destroyed and the global pointer is not reset, leading to a permanent memory leak.
Risk Assessment
The memory leak can gradually exhaust system resources, potentially causing system instability or denial of service (DoS) after repeated attempts to enable DAMON/stat.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix that destroys the DAMON context on damon_start() failure.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global pointer when damon_start() fails. Otherwise, the context allocated by damon_stat_build_ctx() is leaked, and the stale damon_stat_context pointer will be overwritten on the next enable attempt, making the old allocation permanently unreachable.

