PT-2026-39049 · Linux · Linux Kernel

CVE-2026-43388

·

Published

2026-05-08

·

Updated

2026-05-21

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the damos walk() function where ctx->walk control is set to a caller-provided control structure before verifying if the context is running. If the context is inactive, the function returns an error without clearing ctx->walk control, leaving a dangling pointer to a stack-allocated structure. This can lead to a use-after-free scenario if the context is started and kdamond dereferences the pointer, or result in a permanent -EBUSY error during subsequent damos walk() calls because the pointer remains non-NULL.
Recommendations Clear ctx->walk control under walk control lock before returning -EINVAL in the damos walk() function.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-43388

Affected Products

Linux Kernel