apparmor: fix NULL sock in aa_sock_file_perm
Deal with the potential that sock and sock-sk can be NULL during
socket setup or teardown. This could lead to an oops. The fix for NULL
pointer dereference in __unix_needs_revalidation shows this is at
least possible for af_unix sockets. While the fix for af_unix sockets
applies for newer mediation this is still the fall back path for older
af_unix mediation and other sockets, so ensure it is covered.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-4606-1 | linux security update |
Ubuntu USN |
USN-8492-1 | Linux kernel vulnerabilities |
Thu, 28 May 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 27 May 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-476 |
Wed, 27 May 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aa_sock_file_perm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in __unix_needs_revalidation shows this is at least possible for af_unix sockets. While the fix for af_unix sockets applies for newer mediation this is still the fall back path for older af_unix mediation and other sockets, so ensure it is covered. | |
| Title | apparmor: fix NULL sock in aa_sock_file_perm | |
| First Time appeared |
Linux
Linux linux Kernel |
|
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Linux
Linux linux Kernel |
|
| References |
|
|
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2026-05-27T12:15:12.310Z
Reserved: 2026-05-13T15:03:33.078Z
Link: CVE-2026-45848
No data.
Status : Awaiting Analysis
Published: 2026-05-27T14:16:56.700
Modified: 2026-06-17T10:52:36.150
Link: CVE-2026-45848
OpenCVE Enrichment
Updated: 2026-05-27T16:30:36Z
Debian DLA
Ubuntu USN