On Thu, Mar 26, 2026 at 06:36:17PM +0000, Qualys Security Advisory wrote:
> Hi Linux kernel CVE assignment team, all,
>
> We saw that last week you assigned two CVEs to two of the nine AppArmor
> vulnerabilities that were fixed and released on March 12, thank you very
> much for these:
>
> ------------------------------------------------------------------------
> https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23268-6be3@gregkh/T/#u
> > - "[PATCH 08/11] apparmor: fix unprivileged local user can do privileged
> > policy management" (the confused-deputy problem detailed in this
> > advisory);
> ------------------------------------------------------------------------
> https://lore.kernel.org/linux-cve-announce/2026031846-CVE-2026-23269-2bf7@gregkh/T/#u
> > - "[PATCH 01/11] apparmor: validate DFA start states are in bounds in
> > unpack_pdb" (an out-of-bounds read);
> ------------------------------------------------------------------------
>
> Since two weeks have passed now (since the fixes were released), would
> it be possible to please assign CVEs to the remaining seven AppArmor
> vulnerabilities:
>
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/e38c55d9f834e5b848bfed0f5c586aaf45acb825
> > - "[PATCH 02/11] apparmor: fix memory leak in verify_header" (a memory
> > leak);

Now assigned to CVE-2026-23403

> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/ab09264660f9de5d05d1ef4e225aa447c63a8747 CVE-2026-23404
> https://git.kernel.org/stable/c/306039414932c80f8420695a24d4fe10c84ccfb2 CVE-2026-23405
> > - "[PATCH 03/11] apparmor: replace recursive profile removal with
> > iterative approach" and "[PATCH 04/11] apparmor: fix: limit the number
> > of levels of policy namespaces" (the uncontrolled recursion detailed
> > in this advisory);
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/8756b68edae37ff546c02091989a4ceab3f20abd CVE-2026-23406
> > - "[PATCH 05/11] apparmor: fix side-effect bug in match_char() macro
> > usage" (the out-of-bounds read detailed in this advisory);
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/d352873bbefa7eb39995239d0b44ccdf8aaa79a4 CVE-2026-23407
> > - "[PATCH 06/11] apparmor: fix missing bounds check on DEFAULT table in
> > verify_dfa()" (an out-of-bounds read and write);
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/5df0c44e8f5f619d3beb871207aded7c78414502 CVE-2026-23408
> > - "[PATCH 07/11] apparmor: Fix double free of ns_name in
> > aa_replace_profiles()" (the double-free detailed in this advisory);
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/39440b137546a3aa383cfdabc605fb73811b6093 CVE-2026-23409
> > - "[PATCH 09/11] apparmor: fix differential encoding verification" (an
> > infinite loop);
> ------------------------------------------------------------------------
> https://git.kernel.org/stable/c/a0b7091c4de45a7325c8780e6934a894f92ac86b CVE-2026-23410
> https://git.kernel.org/stable/c/8e135b8aee5a06c52a4347a5a6d51223c6f36ba3 CVE-2026-23411

Hope that helps people's accounting systems :)

thanks,

greg k-h
