In the Linux kernel, the following vulnerability has been...
Moderate severity
Unreviewed
Published
May 27, 2026
to the GitHub Advisory Database
•
Updated Jun 25, 2026
Description
Published by the National Vulnerability Database
May 27, 2026
Published to the GitHub Advisory Database
May 27, 2026
Last updated
Jun 25, 2026
In the Linux kernel, the following vulnerability has been resolved:
apparmor: avoid per-cpu hold underflow in aa_get_buffer
When aa_get_buffer() pulls from the per-cpu list it unconditionally
decrements cache->hold. If hold reaches 0 while count is still non-zero,
the unsigned decrement wraps to UINT_MAX. This keeps hold non-zero for a
very long time, so aa_put_buffer() never returns buffers to the global
list, which can starve other CPUs and force repeated kmalloc(aa_g_path_max)
allocations.
Guard the decrement so hold never underflows.
References