CVE-2026-23404
MEDIUM EPSS 7.4%
5.5 CVSS 3.1
Published Apr 1, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved:

apparmor: replace recursive profile removal with iterative approach

The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes.

Reproducer:

```
$ pf='a'; for ((i=0; i<1024; i++)); do echo -e "profile $pf { \n }" | apparmor_parser -K -a; pf="$pf//x"; done
$ echo -n a > /sys/kernel/security/apparmor/.remove
```

Replace the recursive __aa_profile_list_release() approach with an iterative approach in __remove_profile(). The function repeatedly finds and removes leaf profiles until the entire subtree is removed, maintaining the same removal semantic without recursion.
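The leaf-first removal loop the description refers to, sketched in userspace C as an added example; it is not the kernel patch or AppArmor source. `struct node`, `node_add` and `remove_subtree_iterative` are hypothetical names, and kernel concerns such as locking and reference counting are left out.

```c
/* Added illustration, not AppArmor source; struct node and helpers are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
struct node { struct node *parent, *child, *sibling; };

/* Allocate a node and link it at the head of parent's child list. */
static struct node *node_add(struct node *parent)
{
    struct node *n = calloc(1, sizeof(*n));
    if (n && parent) {
        n->parent = parent;
        n->sibling = parent->child;
        parent->child = n;
    }
    return n;
}

/* Free the subtree at root leaf-first, with no recursion: descend to a leaf,
 * unlink and free it, step back to its parent, repeat. Stack use is constant
 * however deep the nesting. Returns the number of nodes freed. */
static size_t remove_subtree_iterative(struct node *root)
{
    struct node *stop = root->parent, *cur = root; /* never climb above stop */
    size_t freed = 0;
    while (cur != stop) {
        if (cur->child) {               /* not a leaf yet: descend */
            cur = cur->child;
            continue;
        }
        struct node *parent = cur->parent;
        if (parent) {                   /* unlink the leaf from its parent */
            struct node **pp = &parent->child;
            while (*pp != cur)
                pp = &(*pp)->sibling;
            *pp = cur->sibling;
        }
        free(cur);
        freed++;
        cur = parent;
    }
    return freed;
}

int main(void)
{
    struct node *root = node_add(NULL), *cur = root;
    if (!root) return 1;
    for (int i = 0; i < 1024 && cur; i++) cur = node_add(cur); /* 1024 nested levels */
    printf("freed %zu nodes\n", remove_subtree_iterative(root));
    return 0;
}
```

A recursive teardown of the same tree would use one stack frame per nesting level, which is the growth the fix removes.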
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
7.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 15
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥2.6.36.1 – <5.10.253 |
| linux | linux_kernel | * | ≥5.11 – <5.15.203 |
| linux | linux_kernel | * | ≥5.16 – <6.1.169 |
| linux | linux_kernel | * | ≥6.2 – <6.6.130 |
| linux | linux_kernel | * | ≥6.7 – <6.12.77 |
| linux | linux_kernel | * | ≥6.13 – <6.18.18 |
| linux | linux_kernel | * | ≥6.19 – <6.19.8 |
| linux | linux_kernel | 2.6.36 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
References 8
- git.kernel.org https://git.kernel.org/stable/c/33959a491e9fd557abfa5fce5ae4637d400915d3
- git.kernel.org https://git.kernel.org/stable/c/4fdc847b107321dec22bf8ecd6019b7af76d7886
- git.kernel.org https://git.kernel.org/stable/c/7eade846e013cbe8d2dc4a484463aa19e6515c7f
- git.kernel.org https://git.kernel.org/stable/c/999bd704b0b641527a5ed46f0d969deff8cfa68b
- git.kernel.org https://git.kernel.org/stable/c/a6a941a1294ac5abe22053dc501d25aed96e48fe
- git.kernel.org https://git.kernel.org/stable/c/ab09264660f9de5d05d1ef4e225aa447c63a8747
- git.kernel.org https://git.kernel.org/stable/c/b36a04284d0208be94e5e401409caa00e2bf1be1
- git.kernel.org https://git.kernel.org/stable/c/ea854f032190cc9f26dc4a0e727090c89e55e342
Remediation
- git.kernel.org https://git.kernel.org/stable/c/33959a491e9fd557abfa5fce5ae4637d400915d3
- git.kernel.org https://git.kernel.org/stable/c/4fdc847b107321dec22bf8ecd6019b7af76d7886
- git.kernel.org https://git.kernel.org/stable/c/7eade846e013cbe8d2dc4a484463aa19e6515c7f
- git.kernel.org https://git.kernel.org/stable/c/999bd704b0b641527a5ed46f0d969deff8cfa68b
- git.kernel.org https://git.kernel.org/stable/c/a6a941a1294ac5abe22053dc501d25aed96e48fe
- git.kernel.org https://git.kernel.org/stable/c/ab09264660f9de5d05d1ef4e225aa447c63a8747
- git.kernel.org https://git.kernel.org/stable/c/b36a04284d0208be94e5e401409caa00e2bf1be1
- git.kernel.org https://git.kernel.org/stable/c/ea854f032190cc9f26dc4a0e727090c89e55e342