4209 matches found
CVE-2026-23408
A flaw was found in AppArmor within the Linux kernel. This vulnerability involves a double free of the nsname variable in the aareplaceprofiles function. This can occur when nsname is assigned from ent-nsname without properly nulling out ent-nsname, leading to it being freed twice. A local attack...
EUVD-2026-17837
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...
EUVD-2026-17831
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
CVE-2026-23408
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...
CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
UBUNTU-CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
CVE-2026-23405
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy namespaces is not bounded relying on the user namespace limit. However policy namespaces aren't strictly tied to user namespaces and it...
CVE-2026-23408
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...
CVE-2026-23408
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...
CVE-2026-23408 apparmor: Fix double free of ns_name in aa_replace_profiles()
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...
CVE-2026-23405 apparmor: fix: limit the number of levels of policy namespaces
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy namespaces is not bounded relying on the user namespace limit. However policy namespaces aren't strictly tied to user namespaces and it...
CVE-2026-23403
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
CVE-2026-23403 apparmor: fix memory leak in verify_header
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...
CVE-2026-23403
CVE-2026-23403 concerns the AppArmor memory leak in Linux kernel’s verify_header. The issue arises because a function sets *ns = NULL on every call, leaking the previously allocated namespace string across successive profile unpackings and causing namespace consistency checks to see NULL for *ns....
EUVD-2026-17687
SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG getDynamicIcon, unauthenticated...
GHSA-73G7-86QR-JRG3 SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)
Summary The SanitizeSVG function introduced in v3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes i...
SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)
Summary The SanitizeSVG function introduced in v3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes i...
Temporal Server 安全漏洞
Temporal Server is a microservices orchestration platform developed by Temporal Corporation. There is a security vulnerability in Temporal Server. This vulnerability stems from the fact that users with the “Writer” role in the namespaces controlled by attackers can send signals, delete, and reset...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on the number of policy namespace levels. This vulnerability may lead to...