Your submission was sent successfully! Close

CVE-2021-36085

Published: 1 July 2021

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

From the Ubuntu security team

sbeattie> AppArmor is the default LSM in Ubuntu, issue only affects compilation of selinux policy sbeattie> trusty version predates the introduction of CIL

Priority

Low

CVSS 3 base score: 3.3

Status

Package Release Status
libsepol
Launchpad, Ubuntu, Debian
bionic
Released (2.7-1ubuntu0.1)
focal
Released (3.0-1ubuntu0.1)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish
Released (3.1-1ubuntu2.1)
jammy Not vulnerable
(3.3-1)
trusty Not vulnerable
(code not present)
upstream
Released (3.3-1)
xenial
Released (2.4-2ubuntu0.1~esm1)