apparmor: Fix double free of ns_name in aa_replace_profiles()

Description

A vulnerability has been found in Linux Kernel up to 6.6.129/6.12.76/6.18.17/6.19.7/7.0-rc3 and classified as critical. Impacted is the function aa_replace_profiles of the component apparmor. The manipulation leads to double free. This vulnerability is listed as CVE-2026-23408. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

Affected Products

Vendor	Product	Versions
Linux	Linux	145a0ef21c8e944957f58e2c8ffcd8a10f46266a, 145a0ef21c8e944957f58e2c8ffcd8a10f46266a, 145a0ef21c8e944957f58e2c8ffcd8a10f46266a, 145a0ef21c8e944957f58e2c8ffcd8a10f46266a, 145a0ef21c8e944957f58e2c8ffcd8a10f46266a, 5.5, 6.6.129, 6.12.76, 6.18.17, 6.19.7, 7.0-rc3

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
linux	linux	mitre_affected	90%

References

Related News (2 articles)

Tier C

VulDB5h ago

CVE-2026-23408 | Linux Kernel up to 6.6.129/6.12.76/6.18.17/6.19.7/7.0-rc3 apparmor aa_replace_profiles double free

→ No new info (linked only)

Tier C

Linux Kernel CVEs6h ago

CVE-2026-23408: apparmor: Fix double free of ns_name in aa_replace_profiles()

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

55ef2af7490aaf72f8ffe11ec44c6bcb7eb2162a86feeccd6b93ed94bd6655f30de80f163f8d5a457998ab3010d2317643f91828f1853d954ef3138718b5233e860c294a847ee07869d93c0b8673a54b5df0c44e8f5f619d3beb871207aded7c7841450206.6.1306.12.776.18.186.19.87.0-rc4

PublishedApr 1, 2026

Last enriched4h agov3

Trending Score41

Source articles2

Independent2

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack