Home

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_region") introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b ("mm/damon/core: disallow non-power of two min_region_sz") fixed it, but only for damon_commit_ctx() use case. Still, DAMON sysfs interface can emit non-power of two min_region_sz via damon_start(). Fix the path by adding the is_power_of_2() check on damon_start(). The issue was discovered by sashiko [1].

PUBLISHED Reserved 2026-06-09 | Published 2026-06-09 | Updated 2026-06-09 | Assigner Linux

Product status

Default status
unaffected

d8f867fa0825fb3e358457566d7326d8aab2406a (git) before 1de2db19a6028abe7d905875922faef5b873de67
affected

d8f867fa0825fb3e358457566d7326d8aab2406a (git) before 89b6226b6c2a4add3939f361653a47c212d6ab75
affected

d8f867fa0825fb3e358457566d7326d8aab2406a (git) before 95093e5cb4c5b50a5b1a4b79f2942b62744bd66a
affected

Default status
affected

6.18
affected

Any version before 6.18
unaffected

6.18.30 (semver)
unaffected

7.0.4 (semver)
unaffected

7.1-rc1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/1de2db19a6028abe7d905875922faef5b873de67

git.kernel.org/...c/89b6226b6c2a4add3939f361653a47c212d6ab75

git.kernel.org/...c/95093e5cb4c5b50a5b1a4b79f2942b62744bd66a

cve.org (CVE-2026-52905)

nvd.nist.gov (CVE-2026-52905)

Download JSON