This is a note to let you know that I've just added the patch titled apparmor: Fix memleak in aa_simple_write_to_buffer() to the 5.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: apparmor-fix-memleak-in-aa_simple_write_to_buffer.patch and it can be found in the queue-5.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 417ea9fe972d2654a268ad66e89c8fcae67017c3 Mon Sep 17 00:00:00 2001 From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> Date: Tue, 14 Jun 2022 17:00:01 +0800 Subject: apparmor: Fix memleak in aa_simple_write_to_buffer() From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> commit 417ea9fe972d2654a268ad66e89c8fcae67017c3 upstream. When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to fix this issue. Fixes: a6a52579e52b5 ("apparmor: split load data into management struct and data blob") Signed-off-by: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> Signed-off-by: John Johansen <john.johansen@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- security/apparmor/apparmorfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -401,7 +401,7 @@ static struct aa_loaddata *aa_simple_wri data->size = copy_size; if (copy_from_user(data->data, userbuf, copy_size)) { - kvfree(data); + aa_put_loaddata(data); return ERR_PTR(-EFAULT); } Patches currently in stable-queue which might be from xiujianfeng@xxxxxxxxxx are queue-5.19/apparmor-fix-memleak-in-aa_simple_write_to_buffer.patch