Description
In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails

damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow
the kdamond is stopped before the damon_call(). It could happen, for
example, when te damon context was made for monitroing of a virtual
address processes, and the process is terminated immediately, before the
damon_call() invocation. In the case, the dyanmically allocated
repeat_call_control is not deallocated and leaked.

Fix the leak by deallocating the repeat_call_control under the
damon_call() failure.

This issue is discovered by sashiko [1].
Published: 2026-04-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory Leak leading to potential Denial of Service
Action: Update Kernel
AI Analysis

Impact

The vulnerability occurs in the Linux kernel DAMON sysfs component where the repeat_call_control structure is not freed if damon_call() fails. This leakage can accumulate over time, gradually consuming kernel memory and potentially exhausting available memory resources. The impact is limited to a denial of service scenario because the attacker cannot read or modify data, but long‑term memory exhaustion can bring the system to a halt. The weakness is a classic case of missing release of memory after its effective use (CWE-772).

Affected Systems

All Linux kernel versions that implement DAMON sysfs, specifically kernel releases 6.17 and all canary releases of kernel 7.0 prior to the inclusion of the patch. Because the kernel identifies the vendors as Linux:Linux, any distribution shipping these kernel versions is affected until a corrected build is issued.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate severity. The EPSS score of <1% suggests that exploitation is unlikely in the near term. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to provoke damon_call() failures repeatedly, such as by rapidly terminating monitored virtual address processes, to gradually leak memory. Without a direct remote code execution vector, the threat is primarily a resource exhaustion attack and requires long‑term persistence to result in a system outage.

Generated by OpenCVE AI on April 28, 2026 at 13:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a released version that incorporates the patch for CVE-2026-31653
  • If an immediate kernel upgrade is not possible, disable or avoid use of DAMON sysfs monitoring for critical workloads to prevent the fault condition
  • Monitor kernel memory usage and set limits or alerts for abnormal memory growth associated with repeat_call_control allocations

Generated by OpenCVE AI on April 28, 2026 at 13:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.17:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 25 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References

Fri, 24 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails damon_call() for repeat_call_control of DAMON_SYSFS could fail if somehow the kdamond is stopped before the damon_call(). It could happen, for example, when te damon context was made for monitroing of a virtual address processes, and the process is terminated immediately, before the damon_call() invocation. In the case, the dyanmically allocated repeat_call_control is not deallocated and leaked. Fix the leak by deallocating the repeat_call_control under the damon_call() failure. This issue is discovered by sashiko [1].
Title mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:12:58.645Z

Reserved: 2026-03-09T15:48:24.128Z

Link: CVE-2026-31653

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-24T15:16:44.793

Modified: 2026-04-27T20:16:21.620

Link: CVE-2026-31653

cve-icon Redhat

Severity :

Publid Date: 2026-04-24T00:00:00Z

Links: CVE-2026-31653 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T14:00:16Z

Weaknesses