Your submission was sent successfully! Close

CVE-2021-36086

Published: 1 July 2021

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

Notes

AuthorNote
sbeattie
AppArmor is the default LSM in Ubuntu, issue only affects
compilation of selinux policy
trusty version predates the introduction of CIL
Priority

Low

CVSS 3 base score: 3.3

Status

Package Release Status
libsepol
Launchpad, Ubuntu, Debian
bionic
Released (2.7-1ubuntu0.1)
focal
Released (3.0-1ubuntu0.1)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish
Released (3.1-1ubuntu2.1)
jammy Not vulnerable
(3.3-1)
trusty Not vulnerable
(code not present)
upstream
Released (3.3-1)
xenial Not vulnerable
(code not present)
Patches:
upstream: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8