CVE-2026-23408

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

In the Linux kernel, the following vulnerability has been resolved:

apparmor: Fix double free of ns name in aa replace profiles()

if ns name is NULL after 1071 error = aa unpack(udata, &lh, &ns name);

and if ent->ns name contains an ns name in 1089 } else if (ent->ns name) {

then ns name is assigned the ent->ns name 1095 ns name = ent->ns name;

however ent->ns name is freed at 1262 aa load ent free(ent);

and then again when freeing ns name at 1270 kfree(ns name);

Fix this by NULLing out ent->ns name after it is transferred to ns name

Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

CVE-2026-23408

Linux