CrackArmor

AppArmor security vulnerabilities

Published: 12 March 2026
Updated: 4 hours ago

Qualys discovered several vulnerabilities in the AppArmor code of the Linux kernel, collectively referred to as CrackArmor; CVE IDs have not yet been assigned. All of the vulnerabilities require local access as an unprivileged user. Their impact ranges from denial of service and kernel memory disclosure, through removal of security controls (AppArmor profiles), to local privilege escalation to root. Ubuntu releases are affected differently, as detailed in the corresponding sections below.

Linux kernel fixes for the supported Ubuntu releases are being made available as security updates by the Canonical Kernel Team, and this page will be revised as further kernel updates are released. In addition, the Ubuntu Security Team has provided userspace mitigations, in the form of security updates, for all affected Ubuntu releases. Our recommendation is to apply both the userspace mitigations and the Linux kernel security updates: the mitigations remove the known exploitation path on hosts, but only the kernel updates fix the underlying bugs.

AppArmor is a Mandatory Access Control (MAC) Linux Security Module that provides an additional layer of security on Ubuntu systems and supplements the traditional Discretionary Access Control (DAC) model. In addition to being enabled by default on Ubuntu releases, AppArmor is also used by other Linux distributions.


Vulnerability summary

This page provides a summary of the reported security vulnerabilities in the AppArmor Linux kernel code and in the sudo utility, as well as of the unsafe behaviour in the su utility that facilitates exploitation of the AppArmor kernel vulnerabilities. The following summarises the issues per package:

Package: linux
  Description: All of the AppArmor vulnerabilities are in the Linux kernel. On host deployments, exploitation relies on a fundamental "confused deputy" issue, which is itself one of the AppArmor vulnerabilities.
  Security updates: being made available for all affected releases.
  CVE IDs: none assigned yet; the issues are referred to as CrackArmor. Tracked as Launchpad Bug #2143853.

Package: sudo, sudo-ldap
  Description: The sudo utility has a vulnerability that can lead to local privilege escalation in host deployment scenarios when combined with the other vulnerabilities described here.
  Security updates: available for all affected releases.
  CVE IDs: none assigned; tracked as Launchpad Bug #2143042.

Package: util-linux
  Description: The su utility in the util-linux package exhibits unsafe behaviour which facilitates exploitation of the AppArmor vulnerabilities in host deployment scenarios.
  Security updates: updates that harden the su utility are available for all affected releases.
  CVE IDs: this is not a vulnerability, so it will not receive a CVE identifier. Tracked as Launchpad Bug #2143850.

Impact scenarios/assessment


Deployments without container workloads

On hosts that do not run container workloads, exploitation requires the cooperation of a privileged application (e.g. a setuid root binary). The presence of a container orchestration system without running containers does not by itself create an exploitation opportunity. The Qualys team identified the behaviour of the su utility as such an enabler. su can only be used this way by unprivileged users that have a password set: unprivileged system users cannot invoke su successfully without an account password and hence cannot trigger the vulnerabilities. In the absence of such a cooperating privileged application, the vulnerabilities can only be triggered by a privileged user (root).

Qualys also identified an unrelated vulnerability in sudo that can be triggered through its email notification feature. When chained with the AppArmor vulnerabilities and the su privileged application, it enables local privilege escalation. sudo-rs, the Rust rewrite of sudo that is the default in Ubuntu Questing Quokka (25.10) and later, is not affected because it was designed not to send email notifications.

The Ubuntu Security Team has prepared security updates for both su (in the util-linux package) and sudo. The su security patch should be considered a mitigation only; we strongly recommend additionally applying the Linux kernel security updates as soon as possible.


Container deployments

In container deployments that may execute potentially malicious, attacker-controlled container images, the AppArmor Linux kernel vulnerabilities can be exploited without a cooperating privileged userspace application. This could in theory enable container escape, although this had not been practically demonstrated at the time of writing.

The Ubuntu Security Team strongly recommends applying the Linux kernel security updates; they are the only available remediation for this scenario, since the su and sudo mitigations do not apply when no cooperating privileged application is needed.

The following sections explain how different Ubuntu releases are impacted, and associated fixes or mitigations.


Mitigations

The Ubuntu Security Team has released security updates for the sudo and util-linux (containing the su utility) packages which act as userspace mitigations for the AppArmor kernel vulnerabilities. We strongly recommend that you apply these mitigations in addition to the Linux kernel security updates.

The following table lists the fixed versions of the sudo and util-linux packages in all supported Ubuntu releases:

Release                      Package      Fixed version
Questing Quokka (25.10)      sudo         1.9.17p2-1ubuntu1.1
                             sudo-ldap    1.9.17p2-1ubuntu1.1
                             sudo-rs      Not affected
                             util-linux   2.41-4ubuntu4.2
Noble Numbat (24.04 LTS)     sudo         1.9.15p5-3ubuntu5.24.04.2
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   2.39.3-9ubuntu6.5
Jammy Jellyfish (22.04 LTS)  sudo         1.9.9-1ubuntu2.6
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   2.37.2-4ubuntu3.5
Focal Fossa (20.04 LTS)      sudo         Not affected
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   2.34-0.1ubuntu9.6+esm1
Bionic Beaver (18.04 LTS)    sudo         Not affected
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   Not affected
Xenial Xerus (16.04 LTS)     sudo         Not affected
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   Not affected
Trusty Tahr (14.04 LTS)      sudo         Not affected
                             sudo-ldap    1.9.15p5-3ubuntu5.24.04.2
                             util-linux   Not affected

How to check if you are impacted

On your system, run the following command to get the version of the currently running kernel, and compare it with the corresponding table below. The output has the form <version>-<ABI>-<flavour>, for example 6.8.0-105-generic; the number after the first dash is the kernel package ABI, so the running kernel contains the fix if that number is at least the ABI of the fixed version listed for your variant (106 for the Noble linux kernel 6.8.0-106.106).

uname -r

The list of installed kernel packages can be obtained using the following command:

dpkg -l 'linux-image*' | grep ^ii

To get the versions of the installed sudo and util-linux packages, run the following command and compare the output with the versions in the Mitigations section:

dpkg -l 'sudo*' 'util-linux' | grep ^ii
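
The following script, added here as a worked example and not part of Canonical's tooling, automates the comparison above. It re-implements dpkg's version ordering so that suffixes such as ~24.04.2 and +esm1 sort exactly as dpkg --compare-versions sorts them, extracts the ABI number from uname -r, and compares both against a subset of the fixed versions from this page. The tables in the script cover only a handful of variants and are the example's own selection; the mapping from uname flavour to source package, the use of release codenames as keys, and the assumption that a later ABI in the same kernel series also contains the fix are the example's assumptions, not statements from the advisory.

```python
"""Added example (not Canonical tooling): compare the running kernel and the
sudo/util-linux packages against a subset of this advisory's fixed versions."""
import platform
import re
import subprocess

# (codename, uname base version, uname flavour) -> (source package, fixed version),
# copied from the advisory tables; extend it for other releases and variants.
FIXED_KERNELS = {
    ("noble", "6.8.0", "generic"): ("linux", "6.8.0-106.106"),
    ("noble", "6.8.0", "aws"): ("linux-aws", "6.8.0-1050.53"),
    ("noble", "6.17.0", "generic"): ("linux-hwe-6.17", "6.17.0-19.19~24.04.2"),
    ("jammy", "5.15.0", "generic"): ("linux", "5.15.0-173.183"),
    ("jammy", "6.8.0", "generic"): ("linux-hwe-6.8", "6.8.0-106.106~22.04.1"),
    ("questing", "6.17.0", "generic"): ("linux", "6.17.0-19.19"),
}
# (codename, package) -> fixed userspace mitigation version, from the Mitigations table.
FIXED_USERSPACE = {
    ("noble", "sudo"): "1.9.15p5-3ubuntu5.24.04.2",
    ("noble", "util-linux"): "2.39.3-9ubuntu6.5",
    ("jammy", "sudo"): "1.9.9-1ubuntu2.6",
    ("jammy", "util-linux"): "2.37.2-4ubuntu3.5",
}

def _order(c):
    """dpkg character weight: '~' < end of string (0) < letters < other symbols."""
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256

def _verrevcmp(a, b):
    """Port of dpkg's verrevcmp(): compare alternating non-digit and numeric runs."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i, j = i + 1, j + 1
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and a[i].isdigit() and b[j].isdigit():
            first_diff = first_diff or ord(a[i]) - ord(b[j])
            i, j = i + 1, j + 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0

def _split(v):
    """'1:2.3-4ubuntu5' -> (1, '2.3', '4ubuntu5'); epoch and revision are optional."""
    epoch, _, upstream = v.partition(":") if ":" in v else ("0", "", v)
    upstream, _, revision = upstream.rpartition("-") if "-" in upstream else (upstream, "", "")
    return int(epoch), upstream, revision

def deb_version_cmp(a, b):
    """-1, 0 or 1 with the same ordering as `dpkg --compare-versions`."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    r = (ea > eb) - (ea < eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)
    return (r > 0) - (r < 0)

def parse_uname(release):
    """'6.8.0-105-generic' -> ('6.8.0', 105, 'generic'), or None if unrecognised."""
    m = re.match(r"^(\d+\.\d+\.\d+)-(\d+)-(.+)$", release)
    return (m.group(1), int(m.group(2)), m.group(3)) if m else None

def kernel_abi(version):
    """Package version '6.8.0-106.106~22.04.1' -> ('6.8.0', 106)."""
    base, _, rest = version.partition("-")
    return base, int(re.match(r"\d+", rest).group(0))

def kernel_status(codename, uname_release):
    """'fixed', 'vulnerable', or 'unknown' (variant not in FIXED_KERNELS).
    Assumption: a later ABI number in the same series also contains the fix."""
    parsed = parse_uname(uname_release)
    entry = FIXED_KERNELS.get((codename, parsed[0], parsed[2])) if parsed else None
    if entry is None:
        return "unknown"
    fixed_base, fixed_abi = kernel_abi(entry[1])
    return "fixed" if parsed[0] == fixed_base and parsed[1] >= fixed_abi else "vulnerable"

def userspace_status(codename, package, installed):
    """Compare an installed sudo/util-linux version with the mitigation version."""
    fixed = FIXED_USERSPACE.get((codename, package))
    if fixed is None:
        return "unknown"
    return "fixed" if deb_version_cmp(installed, fixed) >= 0 else "vulnerable"

def installed_version(package):
    """Installed version via dpkg-query; None if absent or not a dpkg-based system."""
    try:
        r = subprocess.run(["dpkg-query", "-W", "--showformat=${Version}", package],
                           capture_output=True, text=True)
    except FileNotFoundError:
        return None
    return (r.stdout.strip() or None) if r.returncode == 0 else None

def ubuntu_codename():
    """VERSION_CODENAME from /etc/os-release (e.g. 'noble'), or None."""
    try:
        lines = open("/etc/os-release").read().splitlines()
    except OSError:
        return None
    return next((l.split("=", 1)[1].strip('"') for l in lines if l.startswith("VERSION_CODENAME=")), None)

if __name__ == "__main__":
    codename, kernel = ubuntu_codename() or "unknown", platform.release()
    print(f"kernel {kernel}: {kernel_status(codename, kernel)}")
    for pkg in ("sudo", "util-linux"):
        ver = installed_version(pkg)
        print(f"{pkg} {ver or '-'}: {userspace_status(codename, pkg, ver) if ver else 'not installed'}")
```

Run it with python3 on the host to get one line per check. The comparison functions take plain strings, so the same code can be pointed at an inventory export of uname -r and dpkg-query output from a fleet. An "unknown" result means the variant is not in the script's table, not that the system is safe; extend FIXED_KERNELS from the tables on this page before relying on it.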

How to address

We recommend you upgrade all packages:

sudo apt update && sudo apt upgrade

If this is not possible, the userspace mitigations can be installed directly; they do not require a reboot to take effect:

sudo apt update
sudo apt install sudo util-linux

Similarly, if the Linux kernel is installed via a meta package, its update can be targeted directly:

sudo apt update
dpkg-query -W -f '${source:Package}\t${binary:Package}\n' | awk '$1 ~ "^linux-meta" { print $2 }' | xargs sudo apt install --only-upgrade

Once the security updates for the Linux kernel are installed, a reboot is required:

sudo reboot

The unattended-upgrades feature is enabled by default from Ubuntu 16.04 LTS onwards. This service:

  • Applies new security updates automatically every 24 hours.
  • If you have it enabled, the patches above will be applied automatically within 24 hours of becoming available, but a reboot will still be required for the kernel update to take effect.

Affected releases

The Linux kernel security updates address all of the AppArmor vulnerabilities identified by Qualys.

All supported Ubuntu releases are affected by the fundamental “confused deputy” vulnerability. The combination of vulnerabilities that enable local privilege escalation and container escape scenarios is not present in Trusty Tahr (14.04 LTS) or Xenial Xerus (16.04 LTS).

This section lists all of the affected kernel variants for each supported Ubuntu release.

Questing Quokka (25.10)

This release is affected by all vulnerabilities.

Kernel Variant (Questing) Fixed Version
linux 6.17.0-19.19
linux-aws 6.17.0-1009.9
linux-azure 6.17.0-1010.10
linux-azure-fde 6.17.0-1007.7
linux-gcp 6.17.0-1009.9
linux-intel Security updates pending
linux-oracle 6.17.0-1009.9
linux-raspi 6.17.0-1010.10
linux-realtime 6.17.0-1008.9
linux-riscv Security updates pending

Noble Numbat (24.04)

This release is affected by all vulnerabilities.

Kernel Variant (Noble) Fixed Version
linux 6.8.0-106.106
linux-aws 6.8.0-1050.53
linux-aws-6.17 6.17.0-1009.9~24.04.2
linux-aws-fips 6.8.0-1050.53+fips1
linux-azure 6.8.0-1051.57
linux-azure-6.17 6.17.0-1010.10~24.04.1
linux-azure-fde 6.8.0-1050.57
linux-azure-fde-6.17 6.17.0-1007.7~24.04.1
linux-azure-fips 6.8.0-1051.57+fips1
linux-azure-nvidia Security updates pending
linux-azure-nvidia-6.17 6.17.0-1006.6
linux-fips Security updates pending
linux-gcp 6.8.0-1052.55
linux-gcp-6.17 6.17.0-1009.9~24.04.3
linux-gcp-fips 6.8.0-1052.55+fips1
linux-gke 6.8.0-1048.53
linux-gkeop 6.8.0-1035.38
linux-hwe-6.17 6.17.0-19.19~24.04.2
linux-ibm Security updates pending
linux-ibm-gt Security updates pending
linux-ibm-gt-tdx Security updates pending
linux-iot Security updates pending
linux-lowlatency 6.8.0-106.106.1
linux-nvidia 6.8.0-1049.52
linux-nvidia-lowlatency 6.8.0-1049.52.1
linux-nvidia-tegra 6.8.0-1020.20
linux-oem-6.17 6.17.0-1014.14
linux-oracle 6.8.0-1047.48
linux-oracle-6.17 6.17.0-1009.9~24.04.1
linux-raspi 6.8.0-1050.54
linux-raspi-realtime 6.8.0-2040.41
linux-realtime 6.8.1-1045.46
linux-realtime-6.17 6.17.0-1008.9~24.04.1
linux-riscv-6.17 Security updates pending
linux-xilinx 6.8.0-1026.27
linux-nvidia-6.17 Security updates pending

Jammy Jellyfish (22.04)

This release is affected by all vulnerabilities.

Kernel Variant (Jammy) Fixed Version
linux 5.15.0-173.183
linux-uc22 Security updates pending
linux-aws 5.15.0-1103.110
linux-aws-6.8 Security updates pending
linux-aws-fips 5.15.0-1103.110+fips1
linux-azure Security updates pending
linux-azure-6.8 6.8.0-1051.57~22.04.1
linux-azure-fde Security updates pending
linux-azure-fips Security updates pending
linux-bluefield Security updates pending
linux-capilano Security updates pending
linux-uc22-capilano Security updates pending
linux-fips 5.15.0-173.183+fips1
linux-gcp 5.15.0-1103.112
linux-gcp-6.8 6.8.0-1052.55~22.04.1
linux-gcp-fips 5.15.0-1103.112+fips1
linux-gcp-tcpx 6.8.0-1032.36
linux-gke 5.15.0-1099.105
linux-gkeop 5.15.0-1086.94
linux-hwe-6.8 6.8.0-106.106~22.04.1
linux-ibm 5.15.0-1097.100
linux-ibm-6.8 6.8.0-1049.49~22.04.1
linux-ibm-gt 5.15.0-1104.107
linux-intel-iot-realtime Security updates pending
linux-intel-iotg Security updates pending
linux-uc22-intel-iotg Security updates pending
linux-jollyville Security updates pending
linux-uc22-jollyville Security updates pending
linux-kvm 5.15.0-1095.100
linux-lowlatency 5.15.0-173.183
linux-lowlatency-hwe-6.8 6.8.0-106.106.1~22.04.1
linux-nvidia 5.15.0-1098.99
linux-nvidia-6.8 6.8.0-1049.52~22.04.1
linux-nvidia-tegra 5.15.0-1055.55
linux-nvidia-tegra-igx 5.15.0-1044.44
linux-oracle 5.15.0-1100.106
linux-oracle-6.8 6.8.0-1047.48~22.04.1
linux-raspi 5.15.0-1097.100
linux-realtime 5.15.0-1102.111
linux-uc22-realtime Security updates pending
linux-realtime-6.8 6.8.1-1045.46~22.04.1
linux-riscv-6.8 Security updates pending
linux-xilinx-zynqmp 5.15.0-1067.71

Focal Fossa (20.04)

This release is affected by one of the two local privilege escalation vulnerabilities and is affected by the theoretical container escape scenario.

Kernel Variant (Focal) Fixed Version
linux Security updates pending
linux-aws Security updates pending
linux-aws-5.15 Security updates pending
linux-aws-fips Security updates pending
linux-azure Security updates pending
linux-azure-5.15 Security updates pending
linux-azure-fde-5.15 Security updates pending
linux-azure-fips Security updates pending
linux-bluefield Security updates pending
linux-ein Security updates pending
linux-ein / asus-aiot-pe100a-kernel Security updates pending
linux-fips Security updates pending
linux-gcp Security updates pending
linux-gcp-5.15 Security updates pending
linux-gcp-fips Security updates pending
linux-havana Security updates pending
linux-hwe-5.15 Security updates pending
linux-ibm Security updates pending
linux-ibm-5.15 5.15.0-1097.100~20.04.1
linux-intel-iotg-5.15 Security updates pending
linux-iot Security updates pending
linux-kvm Security updates pending
linux-lowlatency-hwe-5.15 Security updates pending
linux-nuremberg Security updates pending
linux-nvidia-tegra-5.15 5.15.0-1055.55~20.04.1
linux-oracle Security updates pending
linux-oracle-5.15 Security updates pending
linux-raspi Security updates pending
linux-raspi / pi-kernel Security updates pending
linux-riscv-5.15 Security updates pending
linux-shiner Security updates pending
linux-uc20-efi Security updates pending
linux-uc20-efi / pc-kernel Security updates pending
linux-uc20-ein Security updates pending
linux-uc20-ein / cascade-kernel Security updates pending
linux-uc20-ein / kdrp-k4500-nxp-kernel Security updates pending
linux-uc20-havana Security updates pending
linux-uc20-havana / hon-hbt-cv22-kernel Security updates pending
linux-uc20-intel-iotg Security updates pending
linux-uc20-iot Security updates pending
linux-uc20-iot / iot-kernel Security updates pending
linux-uc20-nuremberg Security updates pending
linux-uc20-nuremberg / bosch-bt-s6lm-kernel Security updates pending
linux-uc20-shiner Security updates pending
linux-uc20-shiner / hbt-imx-kernel Security updates pending
linux-xilinx-zynqmp Security updates pending

Bionic Beaver (18.04)

This release is affected by one of the two local privilege escalation vulnerabilities and by the theoretical container escape scenario. It does not require any userspace mitigations.

All of the Linux kernel security updates are pending.

Xenial Xerus (16.04)

This release is not affected by any of the local privilege escalation vulnerabilities or by the theoretical container escape scenario. A privileged process can, however, trigger a denial of service (system crash). This release does not require any userspace mitigations.

All of the Linux kernel security updates are pending.

Trusty Tahr (14.04)

This release is not affected by any of the local privilege escalation vulnerabilities or by the theoretical container escape scenario. A privileged process can, however, trigger a denial of service (system crash). This release does not require any userspace mitigations.

All of the Linux kernel security updates are pending.


Vulnerability details

Confused deputy

All of the vulnerabilities rely on a fundamental "confused deputy" problem for exploitation in host deployments; this is itself one of the AppArmor kernel vulnerabilities, referred to as CVE-2026-XXXX. Any unprivileged application can open certain privileged control files under securityfs (usually mounted at /sys/kernel/security/) for writing, because the permission check is only performed when data is actually written, not when the file is opened. If a privileged application can then be tricked into writing correctly formatted data to such an already-open file descriptor, the behaviour can be abused to load, remove, or replace AppArmor profiles.

Exploiting this vulnerability requires a cooperating privileged (e.g. setuid root) application. The Qualys team demonstrated the use of the su utility to perform AppArmor policy management, an otherwise privileged operation, from an unprivileged user account. This only works for unprivileged users with a password set, and it is this behaviour that the util-linux mitigation targets.

This can independently lead to:

  • Denial of service – loading AppArmor profiles that stop legitimate applications from running properly.
  • Reduced security controls – removing installed AppArmor profiles and therefore reducing the confinement mechanisms. The Qualys team have demonstrated using this vulnerability to bypass the AppArmor user namespace restrictions.

Without this vulnerability, none of the other vulnerabilities are exploitable in host deployment scenarios; they remain exploitable, however, when potentially malicious container images are executed.

Privilege escalation via sudo

When the confused deputy vulnerability is combined with an independent vulnerability in sudo, tracked as Launchpad Bug #2143042, the result is local privilege escalation to the root user. This additionally requires a local mail transfer agent that can be driven to arbitrary code execution via user-controlled environment variables; the Qualys team demonstrated this with Postfix, which is not part of a default Ubuntu installation. The sudo issue only affects Ubuntu Noble Numbat (24.04 LTS) and Questing Quokka (25.10). The Ubuntu Security Team has released a security fix for the sudo issue for all affected releases.

The sudo vulnerability causes the mail transfer agent (via /usr/sbin/sendmail) to be executed with elevated privileges if a prior call to drop privileges fails. Dropping privileges would not normally fail for the setuid sudo binary, but AppArmor profiles can be used to make it fail selectively. Chained with the "confused deputy" AppArmor vulnerability and a mail transfer agent that trusts user-supplied environment variables (such as Postfix), the vulnerability can be trivially exploited for local privilege escalation to root.

The sudo-rs package, the Rust rewrite of sudo that is the default in Ubuntu Questing Quokka (25.10) and later, is not affected by this vulnerability.

Uncontrolled recursion and infinite loop

A user who can load arbitrary AppArmor profiles, for example via the "confused deputy" vulnerability, can crash the system (denial of service) by loading complex, deeply nested profiles.

Memory leak

A user who can load arbitrary AppArmor profiles can trigger a kernel memory leak, which can be used to exhaust memory and cause a denial of service.

Out-of-bounds read

A user who can load arbitrary AppArmor profiles containing carefully crafted file-matching expressions can leak up to 64 KiB of kernel memory beyond the buffer in which filenames are stored for evaluation. This memory can contain kernel addresses, which defeats KASLR and aids exploitation of the memory corruption issues below.

Out-of-bounds read and write

A user who can load arbitrary AppArmor profiles can trigger limited out-of-bounds reads and writes. In theory these could lead to control of kernel execution flow, but this has not been demonstrated.

Use-after-free

A race condition in the kernel AppArmor code can result in memory being written after it has been freed and possibly reallocated. The Qualys team demonstrated using this to overwrite the page cache of /etc/passwd with a fake in-memory copy in which the root user has no password, thereby achieving local privilege escalation to root. The race can only be triggered by loading malicious AppArmor profiles, for example via the "confused deputy" vulnerability described earlier.

Double-free

A race condition in the kernel AppArmor code can result in a double free. The Qualys team demonstrated this on Debian to overwrite the memory holding a process's credentials and achieve local privilege escalation to root. The vulnerability is likely exploitable on Ubuntu systems via other strategies, since Ubuntu kernels use different configuration options.


Acknowledgements

We would like to thank Qualys for their excellent reporting and for engaging with the AppArmor team, the Canonical Kernel Team, the Ubuntu Security Team, the Linux Kernel Security Team, and other Linux distributions in coordinated vulnerability disclosure.