You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
damon sysfs
About this tag
The damon sysfs tag covers Linux kernel vulnerabilities in the DAMON (Data Access Monitoring) sysfs interface, specifically use-after-free and NULL pointer dereference flaws. These bugs affect the schemes and contexts control paths, where concurrent operations or shrinking the context list to zero can lead to memory corruption or kernel crashes. While the vulnerabilities require elevated privileges, they are relevant for Windows users running Linux in WSL, Hyper-V, Azure, containers, or dual-boot environments. The tag content focuses on CVE-2026-46121 and CVE-2026-31458, providing patch guidance and emphasizing that such kernel issues in observability interfaces require careful patch management rather than immediate panic.
CVE-2026-46121 is a Linux kernel use-after-free flaw published by NVD on May 28, 2026, affecting the DAMON sysfs schemes interface where concurrent reads and writes of memcg_path could race and expose freed memory. The bug is narrow, technical, and not yet scored by NVD, but it is also a useful...
CVE-2026-31458 is a small-looking Linux kernel flaw with very practical consequences: a privileged user can trigger a NULL pointer dereference in DAMON’s sysfs control path by shrinking the context list to zero and then issuing certain state updates while the daemon is running. The bug is now...
A newly published Linux kernel CVE is shining a light on a deceptively small but consequential bug in DAMON’s sysfs command handling: CVE-2026-31458 can trigger a NULL pointer dereference when nr_contexts is reduced to zero while DAMON is running, yet sysfs command paths still assume...