5.5

CVE-2022-50077

apparmor: fix reference count leak in aa_pivotroot()

In the Linux kernel, the following vulnerability has been resolved:

apparmor: fix reference count leak in aa_pivotroot()

The aa_pivotroot() function has a reference counting bug in a specific
path. When aa_replace_current_label() returns on success, the function
forgets to decrement the reference count of “target”, which is
increased earlier by build_pivotroot(), causing a reference leak.

Fix it by decreasing the refcount of “target” in that path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.14.1 < 4.14.291
LinuxLinux Kernel Version >= 4.15 < 4.19.256
LinuxLinux Kernel Version >= 4.20 < 5.4.211
LinuxLinux Kernel Version >= 5.5 < 5.10.138
LinuxLinux Kernel Version >= 5.11 < 5.15.63
LinuxLinux Kernel Version >= 5.16 < 5.19.4
LinuxLinux Kernel Version4.14 Update-
LinuxLinux Kernel Version4.14 Updaterc2
LinuxLinux Kernel Version4.14 Updaterc3
LinuxLinux Kernel Version4.14 Updaterc4
LinuxLinux Kernel Version4.14 Updaterc5
LinuxLinux Kernel Version4.14 Updaterc6
LinuxLinux Kernel Version4.14 Updaterc7
LinuxLinux Kernel Version4.14 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.056
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/d53194707d2a1851be027cd74266b96ceff799d3
Patch
https://git.kernel.org/stable/c/f4d5c7796571624e3f380b447ada52834270a287
Patch
https://git.kernel.org/stable/c/ef6fb6f0d0d8440595b45a7e53c6162c737177f4
Patch
https://git.kernel.org/stable/c/2ceeb3296e9dde1d5772348046affcefdea605e2
Patch
https://git.kernel.org/stable/c/64103ea357734b82384c925cba4758fdb909be0c
Patch
https://git.kernel.org/stable/c/3ca40ad7afae144169a43988ef1a3f16182faf0a
Patch
https://git.kernel.org/stable/c/11c3627ec6b56c1525013f336f41b79a983b4d46
Patch