Ubuntu AppArmor Flaws Could Enable Local Privilege Escalation
Qualys disclosed multiple vulnerabilities in Ubuntu’s AppArmor kernel security module (CrackArmor) that can cause memory leaks and DoS, and, when combined with a sudo discovery, may enable local privilege escalation. Canonical is rolling out fixes across affected Ubuntu releases, addressing issues from DFA state bounds and memory leaks to policy namespace limits and race conditions. The advisory also notes unsafe su behavior prompting hardening, with the sudo flaw affecting releases back to 22.04 LTS and su hardening traced to 20.04 LTS; more details are available in Qualys’ advisory.