PT-2026-29492 · Linux+2 · Linux Kernel+2

Published: 2026-04-01 · Updated: 2026-05-07 · CVE-2026-23409

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contained a flaw in its AppArmor implementation related to differential encoding verification. This flaw allowed for the creation of loops if abused, potentially leading to issues. The differential encode verification had two bugs: it incorrectly handled states that had been checked and marked, and it used incorrect iterators during the order bailout check, leading to misidentification of states. These issues were addressed by implementing a double mark scheme to differentiate between already verified states and those currently being checked, and by removing the incorrect backwards verification check.

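A simplified model of the double mark scheme named in the description, added here as an illustration; it is not the kernel's AppArmor code, and the flag bits, the `def` table and both function names are assumptions of this example. `verify_single_mark` shows why a single mark cannot tell a state verified earlier from one on the walk in progress, so a looping table is accepted.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical flag bits for this model; not the kernel's definitions. */
#define F_DIFF     0x1u /* state i is diff-encoded against state def[i] */
#define F_CHECKING 0x2u /* state is on the chain being walked right now */
#define F_VERIFIED 0x4u /* state's chain is already known to terminate */

/* Single mark: "seen on this walk" and "verified earlier" look the same,
 * so a walk that re-enters itself is accepted. Returns 0 = table accepted.
 * Both functions use the mark bits in flags[] as scratch and leave them set. */
int verify_single_mark(uint32_t *flags, const uint32_t *def, size_t n)
{
    for (size_t i = 0; i < n; i++)
        for (size_t j = i; (flags[j] & F_DIFF) && !(flags[j] & F_VERIFIED); j = def[j]) {
            if (def[j] >= n)
                return -1; /* chain points outside the table */
            flags[j] |= F_VERIFIED;
        }
    return 0;
}

/* Double mark: returns 0 only if every chain ends at a non-diff state. */
int verify_double_mark(uint32_t *flags, const uint32_t *def, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        size_t j = i;
        /* Walk forward, marking each unverified state as "being checked". */
        while ((flags[j] & F_DIFF) && !(flags[j] & F_VERIFIED)) {
            if ((flags[j] & F_CHECKING) || def[j] >= n)
                return -1; /* walk re-entered itself, or bad index */
            flags[j] |= F_CHECKING;
            j = def[j];
        }
        /* Chain terminated: promote this walk's states to verified. */
        for (size_t k = i; flags[k] & F_CHECKING; k = def[k])
            flags[k] = (flags[k] & ~F_CHECKING) | F_VERIFIED;
    }
    return 0;
}
```
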
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Infinite Loop

Weakness Enumeration

Related Identifiers

CVE-2026-23409
OESA-2026-1862
OESA-2026-1863
OESA-2026-1864
USN-8098-10
USN-8152-1
USN-8163-1
USN-8163-2
USN-8164-1
USN-8165-1
USN-8201-1
USN-8224-1
USN-8243-1
USN-8261-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu