CVE-2026-23403
Published: Apr 1, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verify_header The function sets `*ns = NULL` on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checking since *ns is always NULL when the comparison is made. Remove the incorrect assignment. The caller (aa_unpack) initializes *ns to NULL once before the loop, which is sufficient.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected dd51c84857630e77c139afe4d9bba65fc051dc3f - < 9d678eb0fe55c9195d9a253e8c5b82a87b930737affected dd51c84857630e77c139afe4d9bba65fc051dc3f - < 6b79abcb3c985e153fcf9d395e1d4336081aabc2affected dd51c84857630e77c139afe4d9bba65fc051dc3f - < bcf82c0c5a8b383fd2d5d8f3fd880cdcab2ac557affected dd51c84857630e77c139afe4d9bba65fc051dc3f - < 663ce34786e759ebcbeb3060685c20bcc886d51aaffected dd51c84857630e77c139afe4d9bba65fc051dc3f - < 786e2c2a87d9c505f33321d1fd23a176aa8ddeb1+3 more versions |
Linux | Linux | affected 3.12unaffected 0 - < 3.12unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.169 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now