PT-2026-26129 · Linux · Linux
Published
2026-03-18
·
Updated
2026-03-18
·
CVE-2026-23269
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
apparmor: validate DFA start states are in bounds in unpack pdb
Start states are read from untrusted data and used as indexes into the
DFA state tables. The aa dfa next() function call in unpack pdb() will
access dfa->tables[YYTD ID BASE][start], and if the start state exceeds
the number of states in the DFA, this results in an out-of-bound read.
==================================================================
BUG: KASAN: slab-out-of-bounds in aa dfa next+0x2a1/0x360
Read of size 4 at addr ffff88811956fb90 by task su/1097
...
Reject policies with out-of-bounds start states during unpacking
to prevent the issue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux