CVE-2026-31652

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the DAMON statistics module. The damon stat start() function allocates a damon ctx object (damon stat context), but if the damon call() function fails, this object is not deallocated. If a user subsequently attempts to enable the feature again, the previously allocated damon ctx object is leaked. Simply deallocating the object upon damon call() failure could lead to a use-after-free scenario, as the kdamond main function might still be accessing the damon ctx object.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.