Description
In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure

When a DAMOS-scheme DAMON sysfs directory setup fails after setup of
access_pattern/ directory, subdirectories of access_pattern/ directory are
not cleaned up. As a result, DAMON sysfs interface is nearly broken until
the system reboots, and the memory for the unremoved directory is leaked.

Cleanup the directories under such failures.
Published: 2026-02-14
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory Leak and Availability Impact
Action: Apply Patch
AI Analysis

Impact

The vulnerability in the Linux kernel causes the DAMON sysfs directory setup to leave behind an access_pattern subdirectory when the scheme initialization fails. This failure results in a memory leak and disables the DAMON sysfs interface until the system is rebooted. The leak occurs during kernel initialization or when the DAMON subsystem is started, potentially degrading system stability and preventing further use of the legacy memory monitoring interface.

Affected Systems

Affected products are all Linux kernel releases that contain the DAMON sysfs scheme code, including the 6.19 release candidates from rc1 through rc5. The issue is present in the generic Linux kernel and should be addressed in any distribution that ships these kernel versions.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% reflects a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, suggesting no known active exploitation. The attack vector is inferred to be local, requiring an attacker with kernel or root privileges to trigger repeated DAMON sysfs failures or to force a system reboot for recovery. The primary risk is to availability: if the sysfs interface remains broken, tools that rely on DAMON may fail, and memory leaks may accumulate until reboot.

Generated by OpenCVE AI on April 18, 2026 at 12:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the system to a Linux kernel version that includes the fix for the DAMON sysfs scheme cleanup bug.
  • If a kernel update is not yet available, reboot the machine to clear the leaked memory and restore the DAMON sysfs interface.
  • Monitor system logs for repeated DAMON sysfs setup failures to ensure the bug has been resolved and plan a future kernel update.

Generated by OpenCVE AI on April 18, 2026 at 12:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 17 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Tue, 17 Feb 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Sat, 14 Feb 2026 15:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not cleaned up. As a result, DAMON sysfs interface is nearly broken until the system reboots, and the memory for the unremoved directory is leaked. Cleanup the directories under such failures.
Title mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-14T15:36:08.147Z

Reserved: 2026-01-13T15:37:45.973Z

Link: CVE-2026-23142

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-02-14T16:15:54.273

Modified: 2026-03-17T21:13:41.900

Link: CVE-2026-23142

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-02-14T00:00:00Z

Links: CVE-2026-23142 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T12:30:45Z

Weaknesses