Out-of-Bounds Read and Write Vulnerability in Linux Kernel's AppArmor
CVE-2026-23407

CVSS score: 7.8 (HIGH)

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 1 April 2026

What is CVE-2026-23407?

This vulnerability in the Linux kernel's AppArmor subsystem stems from a flaw in the verify_dfa() function, which does not validate array indexes while handling differential encoding. When the function walks the differential encoding chain, it uses an index that can exceed the valid range of DEFAULT_TABLE, so the walk can read from and write to memory outside the table. This can allow malicious actors to manipulate kernel memory and possibly execute arbitrary code, posing a severe risk to system integrity.
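To make the class of check concrete, the following is an added illustration and not the kernel's verify_dfa() code: it treats the "default" table as a plain array of indexes in which each entry may point to another entry (a chain), and shows a validator that rejects any index outside the table and any chain that never terminates. The table layout, the CHAIN_END sentinel and the function names are assumptions made for the example; the real AppArmor DFA structures differ.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Sentinel meaning "this entry ends the chain". Assumed for the example. */
#define CHAIN_END UINT32_MAX

/*
 * Follow the chain starting at 'start' through 'table' (which has 'len'
 * entries). Every index used to read the table is checked against 'len'
 * BEFORE the access, which is the check missing in the described bug.
 * A chain longer than the table must contain a cycle, so it is rejected too.
 */
bool verify_chain(const uint32_t *table, size_t len, uint32_t start)
{
    uint32_t idx = start;
    size_t steps = 0;

    while (idx != CHAIN_END) {
        if (idx >= len)          /* out-of-bounds index: refuse the table */
            return false;
        if (++steps > len)       /* more hops than entries: cycle */
            return false;
        idx = table[idx];        /* safe: idx < len was checked above */
    }
    return true;
}

/* Validate every chain in the table; returns true only if all are sound. */
bool verify_default_table(const uint32_t *table, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (!verify_chain(table, len, (uint32_t)i))
            return false;
    }
    return true;
}

/* Constructed sample tables (not from any real policy file). */
static const uint32_t good_table[] = { 1, 2, CHAIN_END };       /* 0->1->2->end */
static const uint32_t oob_table[]  = { 1, 7, CHAIN_END };       /* entry 1 points past the end */
static const uint32_t loop_table[] = { 1, 0, CHAIN_END };       /* 0->1->0->... */

int main(void)
{
    printf("good table: %s\n", verify_default_table(good_table, 3) ? "ok" : "rejected");
    printf("oob table:  %s\n", verify_default_table(oob_table, 3)  ? "ok" : "rejected");
    printf("loop table: %s\n", verify_default_table(loop_table, 3) ? "ok" : "rejected");
    return 0;
}
```

The point of the example is the ordering: the bound on the index is enforced before the table is read, and the step counter turns a malformed cyclic chain into a clean rejection rather than an endless loop. Validation of this kind belongs at policy-load time, before the table is ever used by the matcher.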

Affected Version(s)

Linux: commits from 031dcc8f4e84fea37dc6f78fdc7288aa7f8386c3 up to, but not including, 7c7cf05e0606f554c467e3a4dc49e2e578a755b4

Linux: commits from 031dcc8f4e84fea37dc6f78fdc7288aa7f8386c3 up to, but not including, 76b4d36c5122866452d34d8f79985e191f9c3831

Linux: commits from 031dcc8f4e84fea37dc6f78fdc7288aa7f8386c3 up to, but not including, 5a68e46dfe0c8c8ffc6f425ebc4cae6238566ecc

References

CVSS v3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
