CVE-2026-53367
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:
selinux: fix avdcache auditing
The per-task avdcache was incorrectly saving and reusing the
audited vector computed by avc_audit_required() rather than
recomputing based on the currently requested permissions and
distinguishing the denied versus allowed cases. As a result,
some permission checks were not being audited, e.g.
directory write checks after a previously cached directory
search check.
[PM: line wrap tweaks]
selinux: fix avdcache auditing
The per-task avdcache was incorrectly saving and reusing the
audited vector computed by avc_audit_required() rather than
recomputing based on the currently requested permissions and
distinguishing the denied versus allowed cases. As a result,
some permission checks were not being audited, e.g.
directory write checks after a previously cached directory
search check.
[PM: line wrap tweaks]
Vulnerability Details
Published Date
Last Modified
Source
NVD
Vendor
Linux
Product
Linux
Discussion (0)
Add Comment
No comments yet. Be the first!