References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

apparmor: avoid per-cpu hold underflow in aa_get_buffer

When aa_get_buffer() pulls from the per-cpu list it unconditionally
decrements cache->hold. If hold reaches 0 while count is still non-zero,
the unsigned decrement wraps to UINT_MAX. This keeps hold non-zero for a
very long time, so aa_put_buffer() never returns buffers to the global
list, which can starve other CPUs and force repeated kmalloc(aa_g_path_max)
allocations.

Guard the decrement so hold never underflows.

https://git.kernel.org/stable/c/202824a1f89a9786c20a3d646a7c88d223abb1b2

https://git.kernel.org/stable/c/4bcddd0f6b2e52b4c7b520e4d36a115caf5b7169

https://git.kernel.org/stable/c/640cf2f09575c9dc344b3f7be2498d31e3923ead

https://git.kernel.org/stable/c/80c334acc6d0bee8605a358a33e69b4aea1ffb92