Memory Access Vulnerability in Linux Kernel's DAMON Sysfs Interface
CVE-2025-40228

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-40228?

A vulnerability in the Linux kernel's DAMON sysfs interface could lead to invalid memory access due to the lack of allocation failure checks during testing of DAMON parameters. The absence of these checks allows for potential memory leaks upon successful tests. The issue has been addressed in a patch that introduces proper error handling to prevent such conditions, ensuring that allocation failures are detected and reported accordingly.

Affected Version(s)

Linux 4c9ea539ad59ec60676930dacee02b7adde2e0c0 < 5b3609d9b9650bdea0bfdf643e0ce57e1aed67fc

Linux 4c9ea539ad59ec60676930dacee02b7adde2e0c0

Linux 6.15

References

https://git.kernel.org/stable/c/5b3609d9b9650bdea0bfdf643...

https://git.kernel.org/stable/c/f0c5118ebb0eb7e4fd6f0d2ac...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON