CVE-2026-23269Linux vulnerability

18 documents9 sources
Severity
7.1HIGHNVD
OSV7.8
EPSS
0.0%
top 97.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 18
Latest updateApr 13

Description

In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes into the DFA state tables. The aa_dfa_next() function call in unpack_pdb() will access dfa->tables[YYTD_ID_BASE][start], and if the start state exceeds the number of states in the DFA, this results in an out-of-bound read. BUG: KASAN: slab-out-of-bounds in aa_dfa_next+0x2a1/0x360 Read of size 4 at addr

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages3 packages

Linuxlinux/linux_kernel3.4.06.6.130+3
Debianlinux/linux_kernel< 5.10.251-1+3
CVEListV5linux/linuxad5ff3db53c68c2f12936bc74ea5dfe0af94359207cf6320f40ea2ccfad63728cff34ecb309d03da+5

🔴Vulnerability Details

6
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
apparmor: validate DFA start states are in bounds in unpack_pdb2026-03-18
OSV
CVE-2026-23269: In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are r2026-03-18
CVEList
apparmor: validate DFA start states are in bounds in unpack_pdb2026-03-18

📋Vendor Advisories

10
Ubuntu
Kernel Live Patch Security Notice2026-04-13
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Intel IoTG Real-time) vulnerabilities2026-04-09

🕵️Threat Intelligence

1
Wiz
CVE-2026-23269 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23269 — Linux vulnerability | cvebase