CVE-2026-46020
mediumVulnerability Report
Generated by CyberWatcher
Description
A flaw was found in the Linux kernel's DAMON (Data Access MONitor) core. A privileged local user can exploit this vulnerability by providing an invalid node ID to `damos_quota_goal->nid` for `node_mem_{used,free}_bp` via the DAMON user-space tool. This improper validation can lead to an out-of-bounds memory access, potentially causing a kernel NULL pointer dereference and system instability.
CWE
CWE-1285Affected Products
Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9