CVE-2026-23407 — Improper Validation of Specified Index, Position, or Offset in Input in Linux
CWE-1285 — Improper Validation of Specified Index, Position, or Offset in Input13 documents8 sources
Severity
7.8HIGHNVD
OSV7.2
EPSS
0.0%
top 97.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 1
Latest updateApr 19
Description
In the Linux kernel, the following vulnerability has been resolved:
apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
The verify_dfa() function only checks DEFAULT_TABLE bounds when the state
is not differentially encoded.
When the verification loop traverses the differential encoding chain,
it reads k = DEFAULT_TABLE[j] and uses k as an array index without
validation. A malformed DFA with DEFAULT_TABLE[j] >= state_count,
therefore, causes both out-of-bounds reads and writes…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5linux/linux031dcc8f4e84fea37dc6f78fdc7288aa7f8386c3 — 7c7cf05e0606f554c467e3a4dc49e2e578a755b4+5
🔴Vulnerability Details
4VulDB▶
Linux Kernel up to 7.0-rc3 apparmor verify_dfa out-of-bounds (EUVD-2026-17835 / WID-SEC-2026-0950)↗2026-04-19
OSV▶
CVE-2026-23407: In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verify_dfa() The verify_dfa↗2026-04-01
GHSA▶
GHSA-6cp6-7hgg-4x9m: In the Linux kernel, the following vulnerability has been resolved:
apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
The verify_d↗2026-04-01