Fixed
Created: Dec 31, 2025
Updated: Jan 6, 2026
Resolved Date: Jan 1, 2026
Found In Version: 10.21.20.2
Fix Version: 10.21.20.17
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
apparmor: Fix memleak in alloc_ns()
After changes in commit a1bd627b46d1 ("apparmor: share profile name on
replacement"), the hname member of struct aa_policy is not valid slab
object, but a subset of that, it can not be freed by kfree_sensitive(),
use aa_policy_destroy() to fix it.
