In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list() the cond_list_destroy() gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by resetting the cond_list_len to 0 in cond_list_destroy(), making subsequent calls a noop. Also consistently reset the cond_list pointer to NULL after freeing. PM: fix line lengths in the description] CREATE(Triage):(User=admin) [CVE-2022-48740 (https://nvd.nist.gov/vuln/detail/CVE-2022-48740)
