CVE-2024-57886

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the mm/damon/core module. The issue arises from two bugs in the damon commit targets() and damon commit schemes() functions, which are called from damon commit ctx(). These bugs can cause some user inputs to be ignored and memory objects to be leaked. The vulnerability affects only users of the DAMON sysfs interface. Other modules, such as DAMON RECLAIM and DAMON LRU SORT, are not affected as they do not use the buggy function in the same way.

Recommendations To resolve the issue, apply the patch series "mm/damon/core: fix memory leaks and ignored inputs from damon commit ctx()". This patch fixes the leaks by properly deallocating newly created targets when updating internal data fails and by linking new targets to the context. At the moment, there is no information about a newer version that contains a fix for this vulnerability.