Primary

Context

Linux Kernel DAMON Memory Leak Vulnerability via Sysfs Interface

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's DAMON (Data Access Monitor) subsystem. The issue arises in the sysfs interface for DAMON memory management cgroups (memcg). When data is written to the memcg_path DAMOS sysfs file, the 'writememcg_path_store()' function allocates a new memory buffer for the 'memcg_path' attribute without freeing the previously allocated buffer. This oversight allows users to leak kernel memory by repeatedly writing data to the sysfs file.

Impact

Exploitation of this vulnerability leads to a kernel memory leak, which can potentially be exploited to read sensitive information from leaked memory or cause a denial-of-service condition by exhausting available memory resources.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this vulnerability has been patched.

Added: Jul 9, 2025, 11:28 AM

Updated: Jul 9, 2025, 11:28 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel DAMON Memory Leak Vulnerability via Sysfs Interface

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating