PT-2026-29489 · Linux · Linux Kernel

Published

2026-04-01

·

Updated

2026-05-07

·

CVE-2026-23406

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.19.0-rc7-next-20260127

Description

The Linux kernel's apparmor subsystem contains a flaw in the match_char() macro used by its DFA matching code. The macro evaluates its character parameter more than once: when a state's transition is differentially encoded, the macro falls back to the state's parent and re-runs its inner loop, and that re-run evaluates the parameter again for every hop along the chain. Callers pass the character as str++, so the string pointer advances on each hop rather than once per input character. The Deterministic Finite Automaton (DFA) therefore compares a different character at each hop and silently skips input, and because the pointer advances faster than the caller's length accounting, it can run past the end of the input buffer. The result is an out-of-bounds read, which KASAN reports as a slab-out-of-bounds access.

Recommendations

Update to kernel version 6.19.0-rc7-next-20260127 or later. That version string is a linux-next snapshot; distribution kernels (Ubuntu, Linux Mint) receive the backported fix through the advisories listed under Related Identifiers below.
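The macro double-evaluation described above, shown on a toy DFA as an added example. This is not the kernel's apparmor code: the state table, the MATCH_CHAR_BUGGY and MATCH_CHAR_FIXED macro names, the char_class() helper and the input string are all constructed for this illustration and only mirror the shape the description gives (a differentially encoded state that retries a miss in its parent state). The buggy macro re-evaluates its character argument on every chain hop, so a caller passing *p++ advances the pointer per hop; the fixed macro evaluates the argument once and walks the chain with the cached value. The example keeps the over-read inside a padded buffer so it is observable without undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy four-class alphabet: 'a','b','c' -> 0,1,2; anything else -> 3. */
#define NCLASS 4
enum { S_DEAD = 0, S_START, S_A, S_AB, S_COUNT };

struct dfa_state {
    int def;            /* parent/fallback state */
    int diff_encoded;   /* 1: state stores only transitions that differ from def;
                           a miss must be retried in def with the SAME character */
    int own[NCLASS];    /* 1 if the state stores its own transition for the class */
    int next[NCLASS];   /* target state for the classes the state owns */
};
struct dfa { struct dfa_state states[S_COUNT]; };

/* Hand-built table (constructed for this example); S_AB is the accepting state. */
static const struct dfa toy_dfa = { .states = {
    [S_DEAD]  = { S_DEAD,  0, {1,1,1,1}, {S_DEAD, S_DEAD, S_DEAD, S_DEAD} },
    [S_START] = { S_DEAD,  0, {1,1,1,1}, {S_A,    S_DEAD, S_DEAD, S_DEAD} },
    /* S_A stores only 'b' -> S_AB; an 'a' here is diff-encoded: retry it in S_START */
    [S_A]     = { S_START, 1, {0,1,0,0}, {0,      S_AB,   0,      0     } },
    [S_AB]    = { S_START, 1, {0,0,1,0}, {0,      0,      S_AB,   0     } },
}};

static unsigned int char_class(unsigned char c)
{
    switch (c) { case 'a': return 0; case 'b': return 1; case 'c': return 2; default: return 3; }
}

/* BUGGY: C is evaluated at the top of the loop body, so every `continue` (one per
 * chain hop) evaluates it again. Passed as *p++, each hop eats a fresh input byte. */
#define MATCH_CHAR_BUGGY(d, state, C)                                        \
    do {                                                                       \
        const struct dfa_state *s_ = &(d)->states[(state)];                    \
        unsigned int cls_ = char_class(C);        /* re-run after continue */  \
        if (s_->own[cls_]) { (state) = s_->next[cls_]; break; }                \
        (state) = s_->def;                                                     \
        if (s_->diff_encoded) continue;           /* hop to parent and retry */\
        break;                                                                 \
    } while (1)

/* FIXED: evaluate C exactly once, then walk the chain with the cached class. */
#define MATCH_CHAR_FIXED(d, state, C)                                        \
    do {                                                                       \
        unsigned int cls_ = char_class(C);                                     \
        for (;;) {                                                             \
            const struct dfa_state *s_ = &(d)->states[(state)];                \
            if (s_->own[cls_]) { (state) = s_->next[cls_]; break; }            \
            (state) = s_->def;                                                 \
            if (!s_->diff_encoded) break;                                      \
        }                                                                      \
    } while (0)

struct match_result {
    int state;          /* final DFA state */
    size_t consumed;    /* bytes actually read from str; > len means an over-read */
};

static struct match_result match_buggy(const char *str, size_t len)
{
    struct match_result r = { S_START, 0 };
    const char *p = str;
    for (; len; len--)                      /* length accounting assumes one byte per call */
        MATCH_CHAR_BUGGY(&toy_dfa, r.state, (unsigned char)*p++);
    r.consumed = (size_t)(p - str);
    return r;
}

static struct match_result match_fixed(const char *str, size_t len)
{
    struct match_result r = { S_START, 0 };
    const char *p = str;
    for (; len; len--)
        MATCH_CHAR_FIXED(&toy_dfa, r.state, (unsigned char)*p++);
    r.consumed = (size_t)(p - str);
    return r;
}

int main(void)
{
    /* Constructed input: the logical string is "aab" (len 3). The trailing bytes stand in
     * for whatever follows the buffer in memory, so the over-read is visible but stays safe. */
    static const char buf[] = "aab\x7f\x7f";
    struct match_result b = match_buggy(buf, 3), f = match_fixed(buf, 3);
    printf("buggy: state=%d consumed=%zu of len 3\n", b.state, b.consumed);
    printf("fixed: state=%d consumed=%zu of len 3\n", f.state, f.consumed);
    return 0;
}
```

On "aab" the fixed matcher retries the second 'a' in S_START, lands in the accepting state and reads exactly three bytes. The buggy matcher consumes the 'b' during the retry hop, ends in the dead state, and its third loop iteration reads a fourth byte past the logical end of the input; in the kernel that fourth byte is whatever lies after the slab object, which is the slab-out-of-bounds access KASAN reports. Note that inputs which never take a chain hop ("ab") match identically under both macros, which is why the defect can sit unnoticed until a particular input and table layout line up.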

Fix

See Recommendations above.

Weakness Enumeration

Out-of-bounds Read (CWE-125)

Related Identifiers

CVE-2026-23406
OESA-2026-1950
OESA-2026-2172
OESA-2026-2176
USN-8098-10
USN-8152-1
USN-8163-1
USN-8163-2
USN-8164-1
USN-8165-1
USN-8201-1
USN-8224-1
USN-8243-1
USN-8261-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu