| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2026021416-CVE-2026-23142-f91e@gregkh> Date: Sat, 14 Feb 2026 16:36:16 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2026-23142: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern/ directory are not cleaned up. As a result, DAMON sysfs interface is nearly broken until the system reboots, and the memory for the unremoved directory is leaked. Cleanup the directories under such failures. The Linux kernel CVE team has assigned CVE-2026-23142 to this issue. Affected and fixed versions =========================== Issue introduced in 5.18 with commit 9bbb820a5bd5f406ae5e0819cc31f2c2e6f4d990 and fixed in 6.1.162 with commit ae8ac0066b48ed957bdcab58f0d3543549c57a29 Issue introduced in 5.18 with commit 9bbb820a5bd5f406ae5e0819cc31f2c2e6f4d990 and fixed in 6.6.122 with commit e9711bd0e64812c694a228cf58c9e6032decee54 Issue introduced in 5.18 with commit 9bbb820a5bd5f406ae5e0819cc31f2c2e6f4d990 and fixed in 6.12.67 with commit 16236b0b4a08fa3e326cf1373ef789dabdc2e30d Issue introduced in 5.18 with commit 9bbb820a5bd5f406ae5e0819cc31f2c2e6f4d990 and fixed in 6.18.7 with commit 725d4fdaa01bd1161782081f419e1568cc7432e0 Issue introduced in 5.18 with commit 9bbb820a5bd5f406ae5e0819cc31f2c2e6f4d990 and fixed in 6.19 with commit 392b3d9d595f34877dd745b470c711e8ebcd225c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2026-23142 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: mm/damon/sysfs-schemes.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/ae8ac0066b48ed957bdcab58f0d3543549c57a29 https://git.kernel.org/stable/c/e9711bd0e64812c694a228cf58c9e6032decee54 https://git.kernel.org/stable/c/16236b0b4a08fa3e326cf1373ef789dabdc2e30d https://git.kernel.org/stable/c/725d4fdaa01bd1161782081f419e1568cc7432e0 https://git.kernel.org/stable/c/392b3d9d595f34877dd745b470c711e8ebcd225c
Powered by blists - more mailing lists