Resource exhaustion in Linux kernel - CVE-2026-23409

Published: April 1, 2026


Vulnerability identifier: #VU124777
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23409
CWE-ID: CWE-400
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper input validation in AppArmor's verification of differentially encoded policy: when a loaded profile uses differential encoding, a state's missing transitions are resolved by following a chain of base states, and the kernel did not check that this chain terminates. A local user who can load policy can supply a specially crafted differentially encoded profile whose base chain loops back on itself; the kernel then follows the chain without bound, causing a denial of service.

Successful exploitation requires the ability to load AppArmor profiles, which is restricted to privileged users (loading policy through securityfs requires CAP_MAC_ADMIN, normally root). The CVSS vector nonetheless rates the attacker as a local user with low privileges (PR:L), because no authentication beyond ordinary system privileges is involved; in practice, an attacker must already be able to load policy, which limits the real-world impact.
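The following C program is an added illustration of the failure mode described above; it is not the kernel's code and not the actual patch. It models differential encoding with an assumed, simplified table (one `base` index per state, `NO_BASE` for a fully encoded state), shows how an unverified base chain walk never returns when the chain is cyclic, and shows the load-time verifier that rejects such a profile. All names (`toy_dfa`, `chain_depth`, `verify_diff_chains`) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy model of AppArmor-style differential encoding (an assumed,
 * simplified layout, not the kernel's real DFA tables): each state either
 * carries its full transition set (base == NO_BASE) or is encoded as a
 * diff against a base state, so any transition missing from the state is
 * looked up in base[s], then in base[base[s]], and so on. */
#define NO_BASE    (-1)
#define MAX_STATES 16

struct toy_dfa {
    size_t nstates;
    int base[MAX_STATES];   /* diff-encoding base per state, or NO_BASE */
};

/* Models the matcher's walk up the base chain. Without load-time
 * verification this loop has no natural end if the chain is cyclic, which
 * is the denial of service the advisory describes; max_steps is an
 * artificial bound so the model returns instead of spinning. Returns the
 * number of states visited before reaching a state with no base, or -1 on
 * an out-of-range base or when max_steps is exhausted (i.e. a loop). */
int chain_depth(const struct toy_dfa *d, int s, int max_steps)
{
    int depth = 0;
    while (s != NO_BASE) {
        if (s < 0 || (size_t)s >= d->nstates)
            return -1;              /* corrupt base index */
        if (depth >= max_steps)
            return -1;              /* chain never terminates */
        s = d->base[s];
        depth++;
    }
    return depth;
}

/* Load-time check the kernel needs: every base chain must terminate.
 * Each pass tags the states it walks with its own pass number; hitting a
 * state tagged by the current pass means the chain returned to itself.
 * A state tagged by an earlier pass is already known to terminate, so the
 * walk can stop there; total work is O(nstates). Returns 0 if well formed,
 * -1 on an out-of-range base index, -2 on a loop. */
int verify_diff_chains(const struct toy_dfa *d)
{
    unsigned seen[MAX_STATES] = {0};   /* 0 = untouched, else pass number */

    if (d->nstates > MAX_STATES)
        return -1;
    for (size_t s = 0; s < d->nstates; s++) {
        unsigned pass = (unsigned)s + 1;
        int cur = (int)s;
        while (cur != NO_BASE) {
            if (cur < 0 || (size_t)cur >= d->nstates)
                return -1;
            if (seen[cur] == pass)
                return -2;          /* back at a state from this pass: loop */
            if (seen[cur] != 0)
                break;              /* joins a chain verified earlier */
            seen[cur] = pass;
            cur = d->base[cur];
        }
    }
    return 0;
}

int main(void)
{
    /* Constructed samples: a valid chain 2 -> 1 -> 0 -> (none), and a
     * malicious one where 0 -> 1 -> 2 -> 0 never ends. */
    struct toy_dfa good = { .nstates = 3, .base = { NO_BASE, 0, 1 } };
    struct toy_dfa evil = { .nstates = 3, .base = { 1, 2, 0 } };

    printf("good: verify=%d depth(2)=%d\n",
           verify_diff_chains(&good), chain_depth(&good, 2, 100));
    printf("evil: verify=%d depth(0)=%d\n",
           verify_diff_chains(&evil), chain_depth(&evil, 0, 100));
    return 0;
}
```

The point of the model is where the check belongs: bounding the walk at match time (as `max_steps` does here) would only turn a hang into silently wrong policy decisions, whereas verifying every chain once at load time lets the kernel reject the malformed profile with an error before it is ever used for matching.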


How to mitigate CVE-2026-23409

Install the security update from the vendor's (your distribution's) repository and reboot into the patched kernel; the fix is in the kernel, not in user-space AppArmor packages.

Sources