The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms . The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms . The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission . The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any . This occurs because there is sometimes a lack of checks for invalid statements in an optional block