kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service...

AZL-10401 CVE-2022-36879 affecting package kernel for versions less than 5.15.67.1-4

An issue was discovered in the Linux kernel through 5.18.14. xfrmexpandpolicies in net/xfrm/xfrmpolicy.c can cause a refcount to be dropped twice...