CVE-2026-46008 Linux CVE debrief

Who should care

Linux system administrators running kernels with DAMON enabled; security teams monitoring for local denial-of-service conditions; developers using DAMON-based memory analysis tools

Technical summary

The DAMON (Data Access MONitor) subsystem in the Linux kernel contains a race condition between `damos_walk()` and `kdamond_fn()` exit paths. When `kdamond_fn()` finishes its main loop, it cancels pending `damos_walk()` requests and unsets `damon_ctx->kdamond`. However, because request registration and the kdamond pointer unset are protected by different locks, `damos_walk()` can register a new request after cancellation but before the pointer is cleared. This causes the caller to wait indefinitely for handling that never occurs. The fix adds a `walk_control_obsolete` flag under `walk_control_lock` to prevent new request registration once termination begins.

Defensive priority

medium

Recommended defensive actions

• Apply the relevant stable kernel patches once available for your distribution
• Monitor Linux kernel stable updates for commits 0ba956a239ba6e3fae8555d3660e22e675be63b5 and 33c3f6c2b48cd84b441dba1ee3e62290e53930f4
• Review systems using DAMON memory monitoring for unexpected hangs in memory analysis tools
• Consider disabling DAMON if not required until patches are applied

Evidence notes

The vulnerability description is sourced from the official CVE record published 2026-05-27. The fix involves kernel commits to the stable Linux kernel tree. No CVSS score has been assigned as of the CVE modification date (2026-05-27T14:48:03.013Z). The issue was discovered by sashiko.

Official resources