Main Vulnerability Database Vulnerabilities #VU124774

#VU124774 Out-of-bounds write in Linux kernel - CVE-2026-23406

Published: April 1, 2026

Vulnerability identifier: #VU124774

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2026-23406

CWE-ID: CWE-787

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service or potentially execute arbitrary code.

The vulnerability exists due to improper pointer arithmetic in the AppArmor match_char() macro within the Linux kernel's DFA matching logic when processing path permissions during file open operations. A local user can provide a specially crafted file access request that triggers differential encoding chain traversal with a post-incremented string pointer, causing the pointer to advance multiple times per iteration and resulting in out-of-bounds memory reads. This can lead to kernel memory corruption and system instability.

The vulnerability is exploitable during AppArmor policy enforcement when opening files, and may allow privilege escalation or system crash.

Remediation

Install security update from vendor's repository.

#VU124774 Out-of-bounds write in Linux kernel - CVE-2026-23406

Description

Remediation

External links

Please verify you're human