Linux Kernel DAMON Sysfs Memory Leak and NULL Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's DAMON subsystem can lead to a memory leak and a NULL pointer dereference. The issue occurs when the 'damon_sysfs_new_test_ctx()' function fails while 'damon_sysfs_commit_input()' is running. On that failure path the 'param_ctx' variable is not cleaned up, which leaks memory. In addition, a privileged user can trigger the flaw by sending incorrect control sequences, leading to a NULL pointer dereference.
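The leak described above is a missed cleanup on an error path. The following userspace C model is an added example, not kernel code or the upstream patch; it contrasts an early return that drops 'param_ctx' with a single-exit version that always releases it. All names in it (ctx_model, commit_input_leaky, commit_input_fixed, leaked and the rest) are hypothetical stand-ins.

```c
#include <stdio.h>
/* Userspace model; every name here is a hypothetical stand-in, not kernel code. */
struct ctx_model { int id; };
static struct ctx_model slots[8];    /* stands in for the allocator */
static int live_ctx, fail_test_ctx;  /* outstanding contexts; 1 = force the failure */

static struct ctx_model *ctx_new(void) { return live_ctx < 8 ? &slots[live_ctx++] : NULL; }
static void ctx_destroy(struct ctx_model *c) { if (c) live_ctx--; }
static struct ctx_model *new_test_ctx_model(void) { return fail_test_ctx ? NULL : ctx_new(); }

/* Shape of the bug: the failure branch returns without releasing param_ctx. */
static int commit_input_leaky(void)
{
    struct ctx_model *param_ctx = ctx_new(), *test_ctx;
    if (!param_ctx) return -1;
    test_ctx = new_test_ctx_model();
    if (!test_ctx) return -1;        /* param_ctx is lost here */
    ctx_destroy(test_ctx);
    ctx_destroy(param_ctx);
    return 0;
}

/* Shape of a fix: every exit after the first allocation passes through out:. */
static int commit_input_fixed(void)
{
    struct ctx_model *param_ctx = ctx_new(), *test_ctx;
    int err = -1;
    if (!param_ctx) return -1;
    test_ctx = new_test_ctx_model();
    if (!test_ctx) goto out;
    ctx_destroy(test_ctx);
    err = 0;
out:
    ctx_destroy(param_ctx);
    return err;
}

/* Force the failure, run one variant, return contexts still outstanding. */
static int leaked(int (*commit)(void))
{
    live_ctx = 0; fail_test_ctx = 1;
    return commit() == -1 ? live_ctx : -1;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", leaked(commit_input_leaky), leaked(commit_input_fixed));
    return 0;
}
```

Each failed commit in the leaky variant leaves one context outstanding, so repeated failures accumulate; the fixed variant leaves none.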

Impact

Exploitation of this vulnerability can cause a memory leak and a NULL pointer dereference, which could potentially lead to a system crash or other undefined behavior.

Reproduction

To reproduce this vulnerability, a privileged user can send a sequence of control commands that intentionally cause the 'damon_sysfs_new_test_ctx()' function to fail. This failure will trigger the memory leak and NULL pointer dereference issue.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Apr 22, 2026, 3:36 PM
Updated: Apr 22, 2026, 3:36 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 3.4
remediation: 7.7
relevance: 6.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.