CVE-2022-50860
Unknown
Unknown - Not Provided
Memory Leak in Linux Kernel AppArmor alloc_ns() Fixed
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
apparmor: Fix memleak in alloc_ns()
After changes in commit a1bd627b46d1 ("apparmor: share profile name on
replacement"), the hname member of struct aa_policy is not valid slab
object, but a subset of that, it can not be freed by kfree_sensitive(),
use aa_policy_destroy() to fix it.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
| linux | kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's AppArmor security module. After a specific code change, the hname member of the aa_policy structure was incorrectly handled as a slab object and freed improperly, which caused a memory leak. The fix involves using the correct function, aa_policy_destroy(), to properly free this memory.
How can this vulnerability impact me? :
The memory leak could lead to increased memory usage over time, potentially degrading system performance or causing resource exhaustion on systems using AppArmor in the Linux kernel.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70