Linux Kernel Vulnerability in AppArmor Macro Usage
CVE-2026-23406
What is CVE-2026-23406?
A vulnerability exists in the Linux kernel's AppArmor framework, specifically in how the match_char() macro is used. The macro evaluates its character parameter multiple times while traversing differential encoding chains. When the parameter is an expression that advances a pointer, each evaluation inside the macro's loop checks a different character, which skips input characters and ultimately leads to out-of-bounds reads. The fix extracts the character value before invoking match_char(), ensuring only a single evaluation per outer loop iteration.
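The bug class described above, as an added example that is not the kernel's code: a simplified model in which a macro re-evaluates its character argument on every step of an inner loop, shown with the buggy call pattern and the corrected one. WALK_CHAIN, next_char, scan_unsafe, scan_fixed, the chain table and the demo buffer are all hypothetical names and constructed data; the demo buffer is zero-padded so the overshoot can be counted without reading outside the array.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed chain of states tried in order; not AppArmor's DFA tables. */
static const char chain[] = { 'x', 'y', 'a' };
#define CHAIN_LEN (sizeof(chain) / sizeof(chain[0]))

/* Hypothetical macro: C is expanded inside the loop, once per chain step. */
#define WALK_CHAIN(hit, C)                                   \
    do {                                                     \
        (hit) = 0;                                           \
        for (size_t i_ = 0; i_ < CHAIN_LEN && !(hit); i_++)  \
            (hit) = (chain[i_] == (C));                      \
    } while (0)

struct scan { const char *p, *end; size_t past_end, matched; };
/* Models "*str++" and counts reads at or beyond the logical end. */
static char next_char(struct scan *s)
{
    s->past_end += (s->p >= s->end);
    return *s->p++;
}

/* Buggy caller: the advancing read is passed as the macro argument. */
static struct scan scan_unsafe(const char *buf, size_t len)
{
    struct scan s = { buf, buf + len, 0, 0 };
    int hit;
    while (s.p < s.end) { WALK_CHAIN(hit, next_char(&s)); s.matched += hit; }
    return s;
}

/* Fixed caller: read the character once, then pass the plain value. */
static struct scan scan_fixed(const char *buf, size_t len)
{
    struct scan s = { buf, buf + len, 0, 0 };
    int hit;
    while (s.p < s.end) { char c = next_char(&s); WALK_CHAIN(hit, c); s.matched += hit; }
    return s;
}

/* Constructed input: 4 logical bytes; zero padding keeps the demo in bounds. */
static const char demo[8] = "abab";
int main(void)
{
    struct scan u = scan_unsafe(demo, 4), f = scan_fixed(demo, 4);
    printf("unsafe: past_end=%zu matched=%zu\n", u.past_end, u.matched);
    printf("fixed:  past_end=%zu matched=%zu\n", f.past_end, f.matched);
}
```

On the constructed input the buggy caller misses one of the two matching characters and performs two reads beyond the 4-byte logical length, while the fixed caller sees every character exactly once.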
Affected Version(s)
Linux 074c1cd798cb0b481d7eaa749b64aa416563c053 < 5a184f7cbdeaad17e16dedf3c17d0cd622edfed8
Linux 074c1cd798cb0b481d7eaa749b64aa416563c053
Linux 074c1cd798cb0b481d7eaa749b64aa416563c053 < 0510d1ba0976f97f521feb2b75b0572ea5df3ceb