CrackArmor: Multiple vulnerabilities in AppArmor
Summary
Qualys exposes a set of nine vulnerabilities in AppArmor, including a confused-deputy flaw that allows unprivileged users to load, replace, and remove profiles, enabling potential local privilege escalations to root. The advisory details both user-space and kernel-space vulnerabilities (recursion, out-of-bounds read, use-after-free, and double-free) with implications for Ubuntu, Debian, and SUSE systems, along with a timeline for disclosure and patch progress. While no CVEs are assigned yet, the findings underscore the need for prompt patching and mitigations across affected environments.