CVE-2026-31458

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mm/damon/sysfs: check contexts-&gt;nr before accessing contexts_arr[0]<br /> <br /> Multiple sysfs command paths dereference contexts_arr[0] without first<br /> verifying that kdamond-&gt;contexts-&gt;nr == 1. A user can set nr_contexts to<br /> 0 via sysfs while DAMON is running, causing NULL pointer dereferences.<br /> <br /> In more detail, the issue can be triggered by privileged users like<br /> below.<br /> <br /> First, start DAMON and make contexts directory empty<br /> (kdamond-&gt;contexts-&gt;nr == 0).<br /> <br /> # damo start<br /> # cd /sys/kernel/mm/damon/admin/kdamonds/0<br /> # echo 0 &gt; contexts/nr_contexts<br /> <br /> Then, each of below commands will cause the NULL pointer dereference.<br /> <br /> # echo update_schemes_stats &gt; state<br /> # echo update_schemes_tried_regions &gt; state<br /> # echo update_schemes_tried_bytes &gt; state<br /> # echo update_schemes_effective_quotas &gt; state<br /> # echo update_tuned_intervals &gt; state<br /> <br /> Guard all commands (except OFF) at the entry point of<br /> damon_sysfs_handle_cmd().