CVE-2022-50860

Published: Dec 30, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it can not be freed by kfree_sensitive(), use aa_policy_destroy() to fix it.

Vendor	Product	Versions
Linux	Linux	affected `a1bd627b46d169268a0ee5960899fb5be960a317 - < 9a32aa87a25d800b2c6f47bc2749a7bfd9a486f3` affected `a1bd627b46d169268a0ee5960899fb5be960a317 - < 5f509fa740b17307f0cba412485072f632d5af36` affected `a1bd627b46d169268a0ee5960899fb5be960a317 - < 0250cf8d37bb5201a117177afd24dc73a1c81657` affected `a1bd627b46d169268a0ee5960899fb5be960a317 - < 12695b4b76d437b9c0182a6f7dfb2248013a9daf` affected `a1bd627b46d169268a0ee5960899fb5be960a317 - < e9e6fa49dbab6d84c676666f3fe7d360497fd65b`
Linux	Linux	affected `4.13` unaffected `0 - < 4.13` unaffected `5.10.163 - <= 5.10.` unaffected `5.15.86 - <= 5.15.` unaffected `6.0.16 - <= 6.0.*` +2 more versions

References

https://git.kernel.org/stable/c/9a32aa87a25d800b2c6f47bc2749a7bfd9a486f3

https://git.kernel.org/stable/c/5f509fa740b17307f0cba412485072f632d5af36

https://git.kernel.org/stable/c/0250cf8d37bb5201a117177afd24dc73a1c81657

https://git.kernel.org/stable/c/12695b4b76d437b9c0182a6f7dfb2248013a9daf

https://git.kernel.org/stable/c/e9e6fa49dbab6d84c676666f3fe7d360497fd65b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-50860

Description

Affected Products

References