CVE-2022-50201

Summary

In the Linux kernel, the following vulnerability has been resolved:

selinux: fix memleak in security_read_state_kernel()

In this function, it directly returns the result of __security_read_policy without freeing the allocated memory in *data, cause memory leak issue, so free the memory if __security_read_policy failed.

[PM: subject line tweak]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfdd1ffe8a812b1109388e4bc389e57b2695ad095 < c877c5217145bda8fd95f506bf42f8d981afa57daffected
LinuxLinuxfdd1ffe8a812b1109388e4bc389e57b2695ad095 < f3cd7562c0a6774fc62d79654482014020e574f5affected
LinuxLinuxfdd1ffe8a812b1109388e4bc389e57b2695ad095 < 1fc1f72aad2070d34022d0823e4cf09706b53f25affected
LinuxLinuxfdd1ffe8a812b1109388e4bc389e57b2695ad095 < 73de1befcc53a7c68b0c5e76b9b5ac41c517760faffected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.61 <= 5.15.*unaffected
LinuxLinux5.18.18 <= 5.18.*unaffected
LinuxLinux5.19.2 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References