A set of AppArmor vulnerabilities
Date:
Fri, 13 Mar 2026 14:02:32 +0000
Description:
Qualys has sent out a
somewhat breathless advisory describing a number of vulnerabilities in
the AppArmor security module, which is used in a number of Debian-based distributions (among others). This "CrackArmor" advisory exposes a confused-deputy flaw allowing
unprivileged users to manipulate security profiles via
pseudo-files, bypass user-namespace restrictions, and execute
arbitrary code within the kernel. These flaws facilitate local
privilege escalation to root through complex interactions with
tools like Sudo and Postfix, alongside denial-of-service attacks
via stack exhaustion and Kernel Address Space Layout Randomization
(KASLR) bypasses via out-of-bounds reads.
======================================================================
Link to news story:
https://lwn.net/Articles/1062778/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)