apparmor: Fix double free of ns_name in aa_replace_profiles()

...

SUSE CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

CVE-2026-23408

A flaw was found in AppArmor within the Linux kernel. This vulnerability involves a double free of the nsname variable in the aareplaceprofiles function. This can occur when nsname is assigned from ent-nsname without properly nulling out ent-nsname, leading to it being freed twice. A local attack...

EUVD-2026-17837

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

CVE-2026-23408 apparmor: Fix double free of ns_name in aa_replace_profiles()

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

Temporal Server 安全漏洞

Temporal Server is a microservices orchestration platform developed by Temporal Corporation. There is a security vulnerability in Temporal Server. This vulnerability stems from the fact that users with the “Writer” role in the namespaces controlled by attackers can send signals, delete, and reset...

PT-2026-29583

Name of the Vulnerable Software and Affected Versions Temporal Server versions 1.29.0 and later Description A user with a writer role in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the...

PT-2026-29491

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the apparmor subsystem related to a double free of ns name in the aa replace profiles function. Specifically, if ns name is NULL after unpacking...

CVE-2026-1497

Neo4j Enterprise suffers an incorrect namespace resolution in composite databases, before versions 2026.02 and 5.26.22. An admin granting access to a remote constituent "namespace.name" can inadvertently grant privileges to any local database or remote alias named "name"; if that target doesn’t e...