10979 matches found
CVE-2026-23409
A flaw was found in AppArmor, a security module in the Linux kernel. This vulnerability occurs due to incorrect verification of differential encoding chains, which are designed to prevent malicious loops. An attacker could exploit this flaw by crafting a specially designed differential encoding...
EUVD-2026-17839
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
EUVD-2026-17834
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
EUVD-2026-17835
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verifydfa The verifydfa function only checks DEFAULTTABLE bounds when the state is not differentially encoded. When the verification loop traverses the differential encoding...
CVE-2026-23406
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CVE-2026-23407
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verifydfa The verifydfa function only checks DEFAULTTABLE bounds when the state is not differentially encoded. When the verification loop traverses the differential encoding...
UBUNTU-CVE-2026-23406
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
UBUNTU-CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CLSA-2026-1775034352 squid: Fix of CVE-2025-59362
CVE-2025-59362: fix mishandling of ASN.1 encoding of long SNMP OIDs in lib/snmplib/asn1.c asnbuildobjid...
CVE-2026-23409
The CVE-2026-23409 issue is in the Linux kernel AppArmor differential encoding verification. It describes two bugs: (1) mixing states that have already been verified with those currently being checked, which can cause loops in the current chain to be treated as verified, and (2) an incorrect bail...
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CVE-2026-23409
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CVE-2026-23409 apparmor: fix differential encoding verification
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this the unpack should verify that a diff-encode chain terminates. Unfortunately the differential encod...
CVE-2026-23407
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verifydfa The verifydfa function only checks DEFAULTTABLE bounds when the state is not differentially encoded. When the verification loop traverses the differential encoding...
CVE-2026-23407
The CVE-2026-23407 issue affects the Linux kernel AppArmor DFA verification. The root cause is a missing bounds check on DEFAULT_TABLE in verify_dfa(), which can read k = DEFAULT_TABLE[j] as an index without validation when traversing the differential encoding chain, allowing out-of-bounds reads/...
CVE-2026-23406
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
CVE-2026-23406 apparmor: fix side-effect bug in match_char() macro usage
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
CVE-2026-23406
CVE-2026-23406 concerns the AppArmor Linux kernel module. The issue arises in the DFA matching logic used during file path checks, where the macro match_char() can evaluate its character parameter multiple times when traversing differential encoding chains. If invoked with *str++, the string poin...