CVE-2026-23405: Allocation of Resources Without Limits or Throttling in Linux

Severity: 7.2 HIGH (OSV), no vector
EPSS: 0.0% (top 90.94%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 1; latest update Apr 19

Description

In the Linux kernel, the following vulnerability has been resolved:

apparmor: fix: limit the number of levels of policy namespaces

Currently the number of policy namespaces is not bounded relying on the user namespace limit. However policy namespaces aren't strictly tied to user namespaces and it is possible to create them and nest them arbitrarily deep which can be used to exhaust system resource.

Hard cap policy namespaces to the same depth as user namespaces.

Affected Packages (3 packages)

Debian: linux/linux_kernel < 5.10.251-1 +3
CVEListV5: linux/linux c88d4c7b049e87998ac0a9f455aa545cc895ef92 3f8699b3ee0c04b4b9bc27b82cd89a40e81e1d2e +5
debian: debian/linux < linux 6.1.164-1 (bookworm)

🔴 Vulnerability Details (4)

VulDB: Linux Kernel up to 7.0-rc3 apparmor privilege escalation (EUVD-2026-17833 / WID-SEC-2026-0950) (2026-04-19)
OSV: linux-oem-6.17 vulnerabilities (2026-04-06)
GHSA: GHSA-xwx5-hj9g-f35h: In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the num (2026-04-01)
OSV: CVE-2026-23405: In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the numbe (2026-04-01)

📋 Vendor Advisories (7)

Ubuntu: Linux kernel (Azure) vulnerabilities (2026-04-13)
Ubuntu: Linux kernel (Azure FIPS) vulnerabilities (2026-04-09)
Ubuntu: Linux kernel (Azure FIPS) vulnerabilities (2026-04-09)
Ubuntu: Linux kernel (Intel IoTG Real-time) vulnerabilities (2026-04-09)
Ubuntu: Linux kernel (OEM) vulnerabilities (2026-04-06)

🕵️ Threat Intelligence (1)

Wiz: CVE-2026-23405 Impact, Exploitability, and Mitigation Steps | Wiz