Mastodawn

These #apparmor profiles are checked when running 'apt update' on #Ubuntu and #LinuxMint, so the kernel log/dmesg would fill up just from the update manager running it periodically.

Who Let The Dogs Out 🐾3d ago

Компания Qualys сообщила о девяти уязвимостях в AppArmor и объединила находки под названием CrackArmor.

https://blog.qualys.com/vulnerabilities-threat-research/2026/03/12/crackarmor-critical-apparmor-flaws-enable-local-privilege-escalation-to-root

Проблема появилась ещё в 2017 году вместе с ядром Linux версии 4.11.

AppArmor входит в ядро Linux и выполняет роль обязательного контроля доступа. Механизм ограничивает возможности отдельных программ, не позволяя приложениям читать чужие файлы, выполнять опасные системные вызовы или получать дополнительные права.

CrackArmor позволяет локальному пользователю без прав root-а манипулировать профилями безопасности через специальные псевдофайлы в каталоге /sys/kernel/security/apparmor/. В результате атакующий способен повысить привилегии до уровня root.

До появления патчей необходимо контролировать изменения в каталоге `/sys/kernel/security/apparmor/`, поскольку подозрительная модификация профилей может указывать на попытку эксплуатации уязвимости.

https://www.securitylab.ru/news/570418.php

#Linux #apparmor #crackarmor #vulnerability

CrackArmor Vulnerability 2026: AppArmor Root Access & Qualys Detection | Qualys

CrackArmor — nine AppArmor flaws enable root access & container escape on 12M+ Linux systems. Qualys TRU discovered & validated. Learn attack paths, impact, and immediate mitigation steps. Patch now.

Qualys

Lawrence Wells Apr 5

Looking to harden #mxlinux and learned about #apparmor .. but there's no listing of #librewolf in apparmor.d .... how do I use apparmor with librewolf? Any advice welcome. #linux #debian

Nizar Kerkeni 🇹🇳 نزار القرقني Mar 23

CrackArmor : failles AppArmor Linux - corrigez Ubuntu et Debian maintenant

https://goodtech.info/crackarmor-failles-apparmor-linux-ubuntu-debian-escalade-root-correctifs/

#CrackArmor #AppArmor #Linux #Debian #Ubuntu #CVE

🔴 CrackArmor : 9 failles AppArmor menacent 12,6 millions de serveurs Linux - patchez maintenant

Les chercheurs Qualys révèlent CrackArmor : 9 vulnérabilités AppArmor permettant l'escalade root sur Ubuntu, Debian et SUSE. Correctifs disponibles, redémarrage obligatoire.

Goodtech

Hackaday Mar 20

This Week in Security: Linux Flaws, Python Ownage, and a Botnet Shutdown

https://fed.brid.gy/r/https://hackaday.com/2026/03/20/this-week-in-security-linux-flaws-python-ownage-and-a-botnet-shutdown/

13 Mar 20

This Week in Security: Linux Flaws, Python Ownage, and a Botnet Shutdown https://hackaday.com/2026/03/20/this-week-in-security-linux-flaws-python-ownage-and-a-botnet-shutdown/
#HackadayColumns #SecurityHacks #Apparmor #Botnet #Git #Python #Snapd #ThisWeekinSecurity #Ubuntu #Unifi

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

The ides of security March are upon us — Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and Kubernete…

Hackaday

Otto Mar 20

🛡️ MariaDB's new AppArmor profile is now enforcing in Debian unstable and heading to Ubuntu 26.04. I developed it against 7,000+ tests to minimize false positives, full story at https://optimizedbyotto.com/post/new-apparmor-profile-for-mariadb/

If you are a dba/sysadmin, check your logs and share feedback via the Debian bug tracker.

#AppArmor #MariaDB #opensource

Automated security validation: How 7,000+ tests shaped MariaDB's new AppArmor profile

Linux kernel security modules provide a good additional layer of security around individual programs by restricting what they are allowed to do, and at best block and detect zero-day security vulnerabilities as soon as anyone tries to exploit them, long before they are widely known and reported. However, the challenge is how to create these security profiles without accidentally also blocking legitimate actions. For MariaDB in Debian and Ubuntu, a new AppArmor profile was recently created by leveraging the extensive test suite with 7000+ tests, giving good confidence that AppArmor is unlikely to yield false positive alerts with it.\n

Optimized by Otto

lars Mar 19

AppArmor-Sicherheitslücken erklärt: Was „CrackArmor“ für Linux-Nutzer wirklich bedeutet

**Sicherheitslücken in AppArmor: Warum Linux-Updates jetzt wichtig sind** Neun kritische Schwachstellen in AppArmor (CrackArmor) ermöglichen Rechteausweitung und Container-Escape. Betroffen sind Ubuntu-Systeme – Updates sind dringend nötig.

https://dasnetzundich.de/apparmor-sicherheitsluecken-erklaert-was-crackarmor-fuer-linux-nutzer-wirklich-bedeutet/