DigiNews

Tech Watch by Johan Denoyer

← Back to articles

oss-security - Re: Multiple vulnerabilities in AppArmor

Quality: 8/10 Relevance: 9/10

Summary

The article documents multiple AppArmor vulnerabilities, including a confused-deputy flaw enabling an unprivileged user to load, replace and remove arbitrary AppArmor profiles, potentially weakening defenses or enabling root access via Sudo/Postfix. It also describes kernel-space bugs (uncontrolled recursion, out-of-bounds read, use-after-free, and double-free) and a patch timeline across Ubuntu, Debian, and SUSE, with upstream fixes in Linus's tree. This serves as a comprehensive security advisory and patch-tracking resource for admins.

🚀 Service construit par Johan Denoyer