CVE-2026-23404: In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with it
Summary
A vulnerability in the Linux kernel's AppArmor security module (a tool that controls what programs can access on a system) causes the system to crash when removing many nested profiles, because the recursive function calls exhaust the stack. The fix replaces the recursive profile removal method with an iterative approach (a method that repeats steps instead of calling itself) that achieves the same result without exhausting the kernel stack.
Solution / Mitigation
Replace the recursive __aa_profile_list_release() approach with an iterative approach in __remove_profile(). The function repeatedly finds and removes leaf profiles until the entire subtree is removed, maintaining the same removal semantics without recursion.
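The leaf-first removal described above, sketched in user-space C as an added example; it is not the kernel patch. struct profile, profile_new() and remove_subtree() are hypothetical names, and the 100000-level chain in main() is constructed input standing in for deeply nested profiles.

```c
#include <stdlib.h>
struct profile {  /* hypothetical stand-in, not the kernel's struct aa_profile */
    struct profile *parent, *first_child, *next_sibling;
};

/* Allocate a profile and link it as the first child of parent (NULL = root). */
static struct profile *profile_new(struct profile *parent)
{
    struct profile *p = calloc(1, sizeof(*p));
    if (p && parent) {
        p->parent = parent;
        p->next_sibling = parent->first_child;
        parent->first_child = p;
    }
    return p;
}

/* Free root and its whole subtree in constant stack space; returns nodes freed. */
static unsigned long remove_subtree(struct profile *root)
{
    unsigned long freed = 0;
    struct profile *cur = root, *parent, **pp;

    if (root->parent) {               /* detach root from its parent's child list */
        for (pp = &root->parent->first_child; *pp != root; pp = &(*pp)->next_sibling)
            ;
        *pp = root->next_sibling;
    }
    for (;; freed++) {                /* one leaf is freed per iteration */
        while (cur->first_child)      /* walk down to a leaf */
            cur = cur->first_child;
        if (cur == root) {            /* root has no children left: done */
            free(root);
            return freed + 1;
        }
        parent = cur->parent;
        parent->first_child = cur->next_sibling;  /* leaf is always a first child here */
        free(cur);
        cur = parent;                 /* parent may now be a leaf itself */
    }
}

int main(void)
{
    struct profile *root = profile_new(NULL), *p = root;
    for (int i = 0; p && i < 100000; i++)  /* constructed input: 100000 nested levels */
        p = profile_new(p);
    return root && remove_subtree(root) == 100001 ? 0 : 1;
}
```

Stack use stays flat regardless of nesting depth because the only state carried between iterations is the cur pointer; a recursive version would instead consume one stack frame per nesting level.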
Vulnerability Details
EPSS: 0.0%
April 1, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-23404
First tracked: April 1, 2026 at 08:07 AM
Classified by LLM (prompt v3) · confidence: 95%