CVE-2026-23404

Severity: Medium · CVSS 3.1: 5.5 · EPSS: 7.4%
Published Apr 1, 2026 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

apparmor: replace recursive profile removal with iterative approach

The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes.

Reproducer:

    $ pf='a'; for ((i=0; i<1024; i++)); do echo -e "profile $pf { \n }" | apparmor_parser -K -a; pf="$pf//x"; done
    $ echo -n a > /sys/kernel/security/apparmor/.remove

Replace the recursive __aa_profile_list_release() approach with an iterative approach in __remove_profile(). The function repeatedly finds and removes leaf profiles until the entire subtree is removed, maintaining the same removal semantics without recursion.
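A user-space C model of the leaf-first iterative removal described above, added here as an illustration and not taken from the kernel patch. `struct profile`, `profile_new`, `build_chain` and `remove_subtree` are hypothetical names; the point is that stack use stays constant however deeply profiles are nested.

```c
#include <stdlib.h>

/* Hypothetical user-space model of a nested profile (not struct aa_profile). */
struct profile {
    struct profile *parent, *child, *sibling; /* child = first child */
};

/* Allocate a profile and link it as the first child of parent (NULL = root). */
static struct profile *profile_new(struct profile *parent)
{
    struct profile *p = calloc(1, sizeof(*p));
    if (p && parent) {
        p->parent = parent;
        p->sibling = parent->child;
        parent->child = p;
    }
    return p;
}

/* Build a chain shaped like the page's reproducer: a, a//x, a//x//x, ... */
static struct profile *build_chain(unsigned long depth)
{
    struct profile *root = profile_new(NULL), *p = root;
    for (unsigned long i = 1; p && i < depth; i++)
        p = profile_new(p);
    return root;
}

/* Free root and its subtree leaf-first, without recursion; returns count freed. */
static unsigned long remove_subtree(struct profile *root)
{
    struct profile *stop = root->parent, *p = root, *up, **pp;
    unsigned long freed = 0;

    while (p != stop) {
        while (p->child)                /* descend to a leaf */
            p = p->child;
        up = p->parent;
        if (up) {                       /* unlink the leaf from its parent */
            for (pp = &up->child; *pp != p; pp = &(*pp)->sibling)
                ;
            *pp = p->sibling;
        }
        free(p);
        freed++;
        p = up;                         /* climb; the parent may now be a leaf */
    }
    return freed;
}

int main(void) { return remove_subtree(build_chain(1024)) == 1024 ? 0 : 1; }
```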

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
7.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 15

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥2.6.36.1 – <5.10.253
linux   linux_kernel  *        ≥5.11 – <5.15.203
linux   linux_kernel  *        ≥5.16 – <6.1.169
linux   linux_kernel  *        ≥6.2 – <6.6.130
linux   linux_kernel  *        ≥6.7 – <6.12.77
linux   linux_kernel  *        ≥6.13 – <6.18.18
linux   linux_kernel  *        ≥6.19 – <6.19.8
linux   linux_kernel  2.6.36   any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/33959a491e9fd557abfa5fce5ae4637d400915d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4fdc847b107321dec22bf8ecd6019b7af76d7886
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7eade846e013cbe8d2dc4a484463aa19e6515c7f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/999bd704b0b641527a5ed46f0d969deff8cfa68b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6a941a1294ac5abe22053dc501d25aed96e48fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ab09264660f9de5d05d1ef4e225aa447c63a8747
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b36a04284d0208be94e5e401409caa00e2bf1be1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea854f032190cc9f26dc4a0e727090c89e55e342
    Patch
