Multiple vulnerabilities in the AppArmor Linux kernel Security Module (CVE-2026-23268, CVSS 7.8, and others) allow an unprivileged local attacker to load, replace, or remove arbitrary AppArmor profiles, leading to denial of service, information disclosure, privilege escalation, or container escape. Additional flaws were patched in the ARM64, Cryptographic API, Netfilter, and Network traffic control subsystems. The update is provided in USN-8164-1 for the Intel IoTG Real-time kernel variant.
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853, CVE-2026-23268, CVE-2026-23269, CVE-2026-23403, CVE-2026-23404, CVE-2026-23405, CVE-2026-23406, CVE-2026-23407, CVE-2026-23408, CVE-2026-23409, CVE-2026-23410, CVE-2026-23411) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; (CVE-2025-37849, CVE-2026-23060, CVE-2026-23074, CVE-2026-23111)