Instituto Nacional de Ciberseguridad (INCIBE). INCIBE-CERT section

CVE-2026-46183

Severity: Pending analysis
Type: Not available / Other type
Publication date: 28/05/2026
Last modified: 28/05/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock

damon_sysfs_quot_goal->path can be read and written by users, via the DAMON sysfs 'path' file. It can also be indirectly read, for the parameters {on,off}line committing to DAMON. The reads for parameters committing are protected by damon_sysfs_lock to avoid the sysfs files being destroyed while any of the parameters are being read. But the user-driven direct reads and writes are not protected by any lock, while the write is deallocating the path-pointing buffer. As a result, the readers could read the already freed buffer (use-after-free). Note that the user-reads don't race when the same open file is used by the writer, due to kernfs's open file locking. Nonetheless, doing the reads and writes with separate open files would be common. Fix it by protecting both the user-direct reads and writes with damon_sysfs_lock.
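The locking pattern the description relies on, as an added user-space model in C (not the kernel patch and not code from this advisory). A pthread mutex stands in for damon_sysfs_lock, malloc/free for the kernel allocator, and `struct goal`, `path_store`, `path_show`, `writer` and `stress` are hypothetical names.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static pthread_mutex_t sysfs_lock = PTHREAD_MUTEX_INITIALIZER; /* models damon_sysfs_lock */
struct goal { char *path; };   /* hypothetical stand-in for the goal object */

/* Write side: frees the old buffer, so it must exclude concurrent readers. */
static int path_store(struct goal *g, const char *buf)
{
    char *new_path = malloc(strlen(buf) + 1);
    if (!new_path) return -1;
    strcpy(new_path, buf);
    pthread_mutex_lock(&sysfs_lock);
    free(g->path);             /* models the kfree() of the old path */
    g->path = new_path;
    pthread_mutex_unlock(&sysfs_lock);
    return 0;
}

/* Read side: copies under the lock so the buffer cannot be freed mid-read. */
static void path_show(struct goal *g, char *out, size_t len)
{
    pthread_mutex_lock(&sysfs_lock);
    snprintf(out, len, "%s\n", g->path ? g->path : "");
    pthread_mutex_unlock(&sysfs_lock);
}

static void *writer(void *arg)   /* keeps replacing the path */
{
    for (int i = 0; i < 20000; i++)
        path_store(arg, (i & 1) ? "/constructed/a" : "/constructed/bb");
    return NULL;
}

static int stress(void)   /* reader racing the writer; returns incomplete reads */
{
    struct goal g = { NULL };
    pthread_t w;
    char out[64];
    int bad = path_store(&g, "/constructed/a") != 0;
    pthread_create(&w, NULL, writer, &g);
    for (int i = 0; i < 20000; i++) {
        path_show(&g, out, sizeof(out));
        bad += strcmp(out, "/constructed/a\n") && strcmp(out, "/constructed/bb\n");
    }
    pthread_join(w, NULL);
    free(g.path);
    return bad;
}
```

With the two lock calls removed from `path_show`, a build with ThreadSanitizer (`-fsanitize=thread`) flags the unsynchronized access between the read and the `free()` in `path_store`.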

Impact