Description
In the Linux kernel, the following vulnerability has been resolved:

mm/damon/reclaim: handle ctx allocation failure

Patch series "mm/damon/{reclaim,lru_sort}: handle ctx allocation failures".

DAMON_RECLAIM and DAMON_LRU_SORT could dereference NULL pointers if their
damon_ctx object allocations fail. The bugs are expected to happen
infrequently because the allocations are arguably too small to fail on
common setups. But theoretically they are possible and the consequences
are bad. Fix those.

The issues were discovered [1] by Sashiko.


This patch (of 2):

DAMON_RECLAIM allocates the damon_ctx object for its kdamond in its init
function. damon_reclaim_enabled_store() wrongly assumes the allocation
will always succeed once tried. If the damon_ctx allocation was failed,
therefore, code execution reaches to damon_commit_ctx() while 'ctx' is
NULL. As a result, it dereferences the NULL 'ctx' pointer. Avoid the
NULL dereference by returning -ENOMEM if 'ctx' is NULL.
Published: 2026-07-01
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The bug originates in the DAMON_RECLAIM and DAMON_LRU_SORT subsystems of the Linux kernel. When the damon_ctx object allocation fails during initialization, the code incorrectly assumes success and later dereferences the NULL pointer, which can trigger a kernel panic and render the system unavailable. The weakness is classified as CWE‑476.

Affected Systems

All Linux kernel releases that include the DAMON_RECLAIM and DAMON_LRU_SORT modules before the patch are potentially affected; no specific version information is provided.

Risk and Exploitability

The vulnerability has high potential impact because a kernel panic causes loss of availability, but the CVSS score is not listed in the data. EPSS is not available and the vulnerability is not in the KEV catalog. Based on the description, the likely exploitation requires privileged or local access to trigger the allocation failure, resulting in a kernel panic.

Generated by OpenCVE AI on July 1, 2026 at 19:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch series "mm/damon/{reclaim,lru_sort}: handle ctx allocation failures" by upgrading the kernel to a version that contains the fix.
  • If the patch cannot be applied immediately, disable the DAMON_RECLAIM and DAMON_LRU_SORT features by setting the appropriate sysctl knobs or unloading the modules to eliminate the vulnerable code path.
  • Monitor kernel logs for panic or OOPS events related to damon_ctx dereference to confirm that the flaw has been mitigated.

Generated by OpenCVE AI on July 1, 2026 at 19:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Wed, 01 Jul 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Wed, 01 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/{reclaim,lru_sort}: handle ctx allocation failures". DAMON_RECLAIM and DAMON_LRU_SORT could dereference NULL pointers if their damon_ctx object allocations fail. The bugs are expected to happen infrequently because the allocations are arguably too small to fail on common setups. But theoretically they are possible and the consequences are bad. Fix those. The issues were discovered [1] by Sashiko. This patch (of 2): DAMON_RECLAIM allocates the damon_ctx object for its kdamond in its init function. damon_reclaim_enabled_store() wrongly assumes the allocation will always succeed once tried. If the damon_ctx allocation was failed, therefore, code execution reaches to damon_commit_ctx() while 'ctx' is NULL. As a result, it dereferences the NULL 'ctx' pointer. Avoid the NULL dereference by returning -ENOMEM if 'ctx' is NULL.
Title mm/damon/reclaim: handle ctx allocation failure
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-01T13:32:17.419Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53334

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T20:00:06Z

Weaknesses

No weakness.