CVE-2026-23405

NameCVE-2026-23405
DescriptionIn the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy namespaces is not bounded relying on the user namespace limit. However policy namespaces aren't strictly tied to user namespaces and it is possible to create them and nest them arbitrarily deep which can be used to exhaust system resource. Hard cap policy namespaces to the same depth as user namespaces.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)bullseye5.10.223-1vulnerable
bullseye (security)5.10.251-1fixed
bookworm6.1.159-1vulnerable
bookworm (security)6.1.164-1fixed
trixie6.12.73-1vulnerable
trixie (security)6.12.74-2fixed
forky6.19.11-1fixed
sid6.19.13-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcebullseye5.10.251-1
linuxsourcebookworm6.1.164-1
linuxsourcetrixie6.12.74-2
linuxsource(unstable)6.19.6-2

Notes

https://git.kernel.org/linus/306039414932c80f8420695a24d4fe10c84ccfb2 (7.0-rc4)
https://www.qualys.com/2026/03/10/crack-armor.txt
Search for package or bug name: Reporting problems