git.ipfire.org Git - thirdparty/kernel/linux.git/commit

Merge tag 'apparmor-pr-mainline-2026-03-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

Pull AppArmor fixes from John Johansen:
- fix race between freeing data and fs accessing it
- fix race on unreferenced rawdata dereference
- fix differential encoding verification
- fix unconfined unprivileged local user can do privileged policy management
- Fix double free of ns_name in aa_replace_profiles()
- fix missing bounds check on DEFAULT table in verify_dfa()
- fix side-effect bug in match_char() macro usage
- fix: limit the number of levels of policy namespaces
- replace recursive profile removal with iterative approach
- fix memory leak in verify_header
- validate DFA start states are in bounds in unpack_pdb

* tag 'apparmor-pr-mainline-2026-03-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor: fix race between freeing data and fs accessing it
  apparmor: fix race on rawdata dereference
  apparmor: fix differential encoding verification
  apparmor: fix unprivileged local user can do privileged policy management
  apparmor: Fix double free of ns_name in aa_replace_profiles()
  apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
  apparmor: fix side-effect bug in match_char() macro usage
  apparmor: fix: limit the number of levels of policy namespaces
  apparmor: replace recursive profile removal with iterative approach
  apparmor: fix memory leak in verify_header
  apparmor: validate DFA start states are in bounds in unpack_pdb

author	Linus Torvalds <torvalds@linux-foundation.org>
	Thu, 12 Mar 2026 17:58:02 +0000 (10:58 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Thu, 12 Mar 2026 17:58:02 +0000 (10:58 -0700)
commit	281f36d4a9970c206c2c44042904d4e34c092fbe
tree	7b2929fbf31fc694f0598b910239a9b8023a2fdf	tree \| snapshot
parent	80234b5ab240f52fa45d201e899e207b9265ef91	commit \| diff
parent	8e135b8aee5a06c52a4347a5a6d51223c6f36ba3	commit \| diff