Linux Kernel Vulnerability in DAMON's Call Control Mechanism
CVE-2026-23012

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 January 2026

What is CVE-2026-23012?

A vulnerability in the DAMON subsystem of the Linux kernel could allow a use-after-free condition to occur due to improper handling of call control objects within inactive contexts. When the damon_call function is executed on a non-running DAMON context, it retains a link to the call_controls list even if the associated damon_call_control object has been deallocated. If a subsequent damon_call is invoked on the same context, it can lead to accessing a deallocated memory region. Although this vulnerability requires specific conditions, including sysfs write permissions and unusual file writes to reproduce, it poses a risk to system stability and security. The situation has been addressed in the latest kernel updates by restructuring the termination process and ensuring proper cleanup of call controls.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch