Vratislav Bendel

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a double free of cond list on error paths in the selinux component of the Linux kernel. This occurs when the cond list destroy() function is called a second time in caller functions, resulting in a NULL pointer dereference. The fix involves resetting the cond list len to 0 in cond list destroy(), making subsequent calls a noop, and consistently resetting the cond list pointer to NULL after freeing. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.