VDB

CVE-2026-23408

CVE-2026-23408 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL after 1071 error = aa_unpack(udata, &lh, &ns_name); and if ent->ns_name contains an ns_name in 1089 } else if (ent->ns_name) { then ns_name is assigned the ent->ns_name 1095 ns_name = ent->ns_name; however ent->ns_name is freed at 1262 aa_load_ent_free(ent); and then again when freeing ns_name at 1270 kfree(ns_name); Fix this by NULLing out ent->ns_name after it is transferred to ns_name ")

EPSS 0.01% · 0.8th percentile

Risk Scores

EPSS Score
0.01%
0.8th percentile

Affected Products

VendorProductVersions
LinuxLinux*, 6.18.18, 7.0-rc4
linuxlinux_kernel5.5, 5.5, 5.5

Timeline

  • Apr 1, 2026 CVE Published
  • Apr 1, 2026 PoC Published
  • Apr 1, 2026 Security Advisory
  • Apr 24, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score

References

…and 91 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›