The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies . Security Fix: * libsepol: use-after-free in __cil_verify_classperms * libsepol: use-after-free in __cil_verify_classperms * libsepol: use-after-free in cil_reset_classpermission * libsepol: heap-based buffer overflow in ebitmap_match_any For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.