High

Double Free in Linux kernel AppArmor aa_replace_profiles()

IdentifiersCVE-2026-23408CWE-415· Double Free

CVE-2026-23408 is a Linux kernel AppArmor vulnerability in aa_replace_profiles() caused by a double free of ns_name during profile replacement/parsing. In the vulnerable path, if aa_unpack(udata, &lh, &ns_name) leaves ns_name as NULL and the load entry already contains a namespace string in ent->ns_name, the code transfers ownership by assigning ns_name = ent->ns_name. Later, aa_load_ent_free(ent) frees ent->ns_name, and ns_name is then freed again via kfree(ns_name), resulting in a double free. The issue is triggered while parsing profiles written to AppArmor's .load or .replace interfaces, including cases where no explicit profile header namespace is provided but a profile name implicitly specifies one, such as :mynamespace:myprofile. The upstream fix is to clear ent->ns_name after transferring it to ns_name so the pointer is not freed twice.

For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can corrupt kernel heap state and lead to high impact on confidentiality, integrity, and availability. Published analysis indicates the flaw is exploitable for local privilege escalation to root. The described exploitation path uses the double free to obtain controlled kernel heap reallocation, disclose kernel pointers, achieve arbitrary kernel read/write primitives, and ultimately overwrite credential-related structures to gain root privileges. At minimum, the bug can cause kernel instability or denial of service; in the worst case it enables full local compromise.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, reduce exposure by restricting which local users can load or replace AppArmor profiles and by limiting access to the AppArmor .load/.replace interfaces to trusted administrators only. Because published exploitation relies on local access and, in one demonstrated chain, on AF_PACKET page vectors via a network namespace and therefore an unprivileged user namespace, hardening measures such as disabling unprivileged user namespaces where operationally feasible may reduce exploitability. These are compensating controls only and do not remove the underlying kernel memory corruption flaw.

Remediation

Patch, then assume compromise.

Apply a kernel update containing the AppArmor fix for CVE-2026-23408. The specific code fix is to set ent->ns_name to NULL immediately after ownership is transferred to ns_name in aa_replace_profiles(), preventing aa_load_ent_free(ent) and the later kfree(ns_name) from freeing the same allocation twice. Use vendor-provided fixed kernel packages for the affected distribution/product line and reboot into the updated kernel after installation.

PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType

LinuxLinux Kerneloperating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

5 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

5 SOURCESView more in app

bugzilla suseNews

Jun 4, 2026

1258857 - (CVE-2026-23408) VUL-0: CVE-2026-23408: kernel: apparmor: Fix double free of ns_name in aa_replace_profiles()

A Linux kernel AppArmor double-free vulnerability in aa_replace_profiles() involving ns_name, which can be exploited for local privilege escalation to root under certain conditions.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.

Start free trial

Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity1

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES

MITRE CVE

cve.org · CVE-2026-23408

NVD

nvd.nist.gov/vuln/detail/CVE-2026-23408

MITRE CWE · CWE-415

Double Free

Patch

git.kernel.org/stable/c/18b5233e860c294a847ee07869d93c0b8673a54b

Patch

git.kernel.org/stable/c/35f4caec1352054b9a61cfdf2bf1898073637aa0

Patch

git.kernel.org/stable/c/55ef2af7490aaf72f8ffe11ec44c6bcb7eb2162a

Patch

git.kernel.org/stable/c/5df0c44e8f5f619d3beb871207aded7c78414502

Patch

git.kernel.org/stable/c/7998ab3010d2317643f91828f1853d954ef31387

Patch

git.kernel.org/stable/c/86feeccd6b93ed94bd6655f30de80f163f8d5a45

Patch

git.kernel.org/stable/c/c053ae381ce227577567d1ef10090ce7506d7a28

Patch

git.kernel.org/stable/c/c6347a2116ecccb8fd9ee4ebc75ae41d1d7ef689