CVE-2026-23408
HIGH EPSS 7.9%
Published Apr 1, 2026 · Modified Jun 17, 2026
7.8 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

apparmor: Fix double free of ns_name in aa_replace_profiles()

if ns_name is NULL after

    1071 error = aa_unpack(udata, &lh, &ns_name);

and if ent->ns_name contains an ns_name in

    1089 } else if (ent->ns_name) {

then ns_name is assigned the ent->ns_name

    1095 ns_name = ent->ns_name;

however ent->ns_name is freed at

    1262 aa_load_ent_free(ent);

and then again when freeing ns_name at

    1270 kfree(ns_name);

Fix this by NULLing out ent->ns_name after it is transferred to ns_name
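The ownership hand-off described above, modelled in userspace C as an added example (not the kernel's code and not taken from the fix commits). The names `load_ent`, `model_kfree`, `dup_or_null` and `replace_profiles` and the sample namespace string are assumptions; a counting stand-in replaces `kfree()` so the repeated release is observed rather than executed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model only: struct and function names are assumptions, not kernel code. */
struct load_ent { char *ns_name; };

static void *released[4];          /* pointers handed to model_kfree() so far */
static int nreleased, double_frees;

/* Stand-in for kfree(): NULL is a no-op; a repeated pointer is counted
 * instead of being freed twice, so the model itself stays well-defined. */
static void model_kfree(void *p)
{
    if (!p)
        return;
    for (int i = 0; i < nreleased; i++)
        if (released[i] == p) { double_frees++; return; }
    released[nreleased++] = p;
}

static char *dup_or_null(const char *s)
{
    char *d = s ? malloc(strlen(s) + 1) : NULL;
    return d ? strcpy(d, s) : NULL;
}

/* Returns how many double frees one load would cause (constructed inputs). */
int replace_profiles(const char *unpacked_ns, const char *ent_ns, int apply_fix)
{
    struct load_ent ent = { dup_or_null(ent_ns) };
    char *ns_name = dup_or_null(unpacked_ns);   /* 1071: may stay NULL */

    nreleased = double_frees = 0;
    if (!ns_name && ent.ns_name) {              /* 1089 */
        ns_name = ent.ns_name;                  /* 1095: ownership moves */
        if (apply_fix)
            ent.ns_name = NULL;                 /* the fix: drop the old owner */
    }
    model_kfree(ent.ns_name);                   /* 1262: aa_load_ent_free(ent) */
    model_kfree(ns_name);                       /* 1270: kfree(ns_name) */
    for (int i = 0; i < nreleased; i++)
        free(released[i]);                      /* real release, once each */
    return double_frees;
}

int main(void)
{
    printf("unfixed: %d double free(s)\n", replace_profiles(NULL, "ns1", 0));
    printf("fixed:   %d double free(s)\n", replace_profiles(NULL, "ns1", 1));
    return 0;
}
```

Only the path where the unpacked name is NULL and the entry carries one reaches the second release; when both names are present each allocation has a single owner.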
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
7.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-415
Affected Products 15
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥5.5.1 – <5.10.253 |
| linux | linux_kernel | * | ≥5.11 – <5.15.203 |
| linux | linux_kernel | * | ≥5.16 – <6.1.169 |
| linux | linux_kernel | * | ≥6.2 – <6.6.130 |
| linux | linux_kernel | * | ≥6.7 – <6.12.77 |
| linux | linux_kernel | * | ≥6.13 – <6.18.18 |
| linux | linux_kernel | * | ≥6.19 – <6.19.8 |
| linux | linux_kernel | 5.5 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
Remediation
- git.kernel.org https://git.kernel.org/stable/c/18b5233e860c294a847ee07869d93c0b8673a54b
- git.kernel.org https://git.kernel.org/stable/c/35f4caec1352054b9a61cfdf2bf1898073637aa0
- git.kernel.org https://git.kernel.org/stable/c/55ef2af7490aaf72f8ffe11ec44c6bcb7eb2162a
- git.kernel.org https://git.kernel.org/stable/c/5df0c44e8f5f619d3beb871207aded7c78414502
- git.kernel.org https://git.kernel.org/stable/c/7998ab3010d2317643f91828f1853d954ef31387
- git.kernel.org https://git.kernel.org/stable/c/86feeccd6b93ed94bd6655f30de80f163f8d5a45
- git.kernel.org https://git.kernel.org/stable/c/c053ae381ce227577567d1ef10090ce7506d7a28
- git.kernel.org https://git.kernel.org/stable/c/c6347a2116ecccb8fd9ee4ebc75ae41d1d7ef689