CVE-2026-23411

HIGH EPSS 4.1%
Published Apr 1, 2026 · Modified Jun 17, 2026
7.8 CVSS 3.1
High

Description

In the Linux kernel, the following vulnerability has been resolved:

apparmor: fix race between freeing data and fs accessing it

AppArmor was putting the reference to i_private data on its end after removing the original entry from the file system. However the inode can and does live beyond that point and it is possible that some of the fs call back functions will be invoked after the reference has been put, which results in a race between freeing the data and accessing it through the fs.

While the rawdata/loaddata is the most likely candidate to fail the race, as it has the fewest references, if properly crafted it might be possible to trigger a race for the other types stored in i_private.

Fix this by moving the put of i_private referenced data to the correct place, which is during inode eviction.
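A userspace C model of the lifetime ordering described above, added here as an illustration; it is not kernel or AppArmor code, and every name in it (`data_put`, `remove_entry`, `evict`, `scenario`, the `users` count that keeps the inode alive) is hypothetical. It contrasts putting the `i_private` reference when the entry is removed with putting it at inode eviction, and marks the object as freed instead of actually freeing it.

```c
/* Userspace model, hypothetical names; not kernel or AppArmor code. */
#include <stdio.h>

struct data  { int refs; int freed; };           /* stands in for rawdata/loaddata */
struct inode { struct data *i_private; int users; };
struct result { int callback_after_remove; int freed_after_evict; };

static void data_put(struct data *d)
{
    if (--d->refs == 0)
        d->freed = 1;                            /* real code would free here */
}

/* fs callback reached through a still-live inode; -1 marks a use-after-free */
static int fs_callback(const struct inode *ino)
{
    return ino->i_private->freed ? -1 : 0;
}

static void remove_entry(struct inode *ino, int put_on_evict)
{
    if (!put_on_evict)
        data_put(ino->i_private);                /* pre-fix: put at removal */
}

static void evict(struct inode *ino, int put_on_evict)
{
    if (--ino->users == 0 && put_on_evict)
        data_put(ino->i_private);                /* fixed: put at eviction */
}

static struct result scenario(int put_on_evict)
{
    struct data d = { 1, 0 };                    /* one ref, owned by i_private */
    struct inode ino = { &d, 1 };                /* assumption: one user pins the inode */
    struct result r;
    remove_entry(&ino, put_on_evict);            /* entry leaves the file system */
    r.callback_after_remove = fs_callback(&ino); /* inode outlives the entry */
    evict(&ino, put_on_evict);                   /* last user gone */
    r.freed_after_evict = d.freed;
    return r;
}

int main(void)
{
    printf("put at removal:  callback=%d\n", scenario(0).callback_after_remove);
    printf("put at eviction: callback=%d\n", scenario(1).callback_after_remove);
    return 0;
}
```

In both orderings the data ends up released once the inode is gone; only the eviction ordering keeps it valid for callbacks that arrive between removal and eviction.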

CVSS Details

Base Score 7.8
Exploitability 1.8
Impact 5.9
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-362

Affected Products 15

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.13.1 – <5.10.253
linux   linux_kernel  *        ≥5.11 – <5.15.203
linux   linux_kernel  *        ≥5.16 – <6.1.169
linux   linux_kernel  *        ≥6.2 – <6.6.130
linux   linux_kernel  *        ≥6.7 – <6.12.77
linux   linux_kernel  *        ≥6.13 – <6.18.18
linux   linux_kernel  *        ≥6.19 – <6.19.8
linux   linux_kernel  4.13     any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/13bc2772414d68e94e273dea013181a986948ddf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2a732ed26fbd048e7925d227af8cf9ea43fb5cc9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ddb961d2929bbb3204a2bba21b5d8153cd3f7cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/667df93769c02ff581c77d2d8f162147e719c557
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e135b8aee5a06c52a4347a5a6d51223c6f36ba3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a92c5e5086a87d082696245a8607666da3d80554
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae10787d955fb255d381e0d5589451dd72c614b1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eecce026399917f6efa532c56bc7a3e9dd6ee68b
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/13bc2772414d68e94e273dea013181a986948ddf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2a732ed26fbd048e7925d227af8cf9ea43fb5cc9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3ddb961d2929bbb3204a2bba21b5d8153cd3f7cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/667df93769c02ff581c77d2d8f162147e719c557
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e135b8aee5a06c52a4347a5a6d51223c6f36ba3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a92c5e5086a87d082696245a8607666da3d80554
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae10787d955fb255d381e0d5589451dd72c614b1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eecce026399917f6efa532c56bc7a3e9dd6ee68b
    Patch