AskUbuntu2d ago

Firefox crashes after replacing snap with APT build on Ubuntu 26.04 LTS - Sandbox: CanCreateUserNamespace() EPERM, Wayland bind error, AppArmor denial #firefox #wayland #apparmor #2604

https://askubuntu.com/q/1566816/612

Firefox crashes after replacing snap with APT build on Ubuntu 26.04 LTS - Sandbox: CanCreateUserNamespace() EPERM, Wayland bind error, AppArmor denial

Environment OS: Ubuntu 26.04 LTS (fresh install, last LTS) Hardware: AMD-powered laptop [Lenovo IdeaPad-Slim-5-15ARP1] Session: Wayland Firefox: installed from Mozilla APT repository (removed snap...

Ask Ubuntu
Show threadkravietz 🦇4d ago

@zhenech

Why #AppArmor and sysctl hardening makes a good job by breaking exploit chains:

Ubuntu note: AppArmor restricts unprivileged user namespaces by default. You must first run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
Hugo | DevOps | CybersecurityMay 3

CVE-2026-23409: infinite loop in AppArmor unpacking via crafted policy. Two bugs in state verification logic. Requires CAP_MAC_ADMIN but trivial DoS once you have it. Patch in 6.13-rc1. Update now if you use AppArmor. #CVE #LinuxKernel #AppArmor

https://www.valtersit.com/cve/2026/04/cve-2026-23409/

CVE-2026-23409 | Valters IT Hub

Linux EasyApr 25

AppArmor 5.0 porta sicurezza Linux a un nuovo livello con policy più flessibili 🔐 #Linux #Security #AppArmor #OpenSource

https://www.linuxeasy.org/apparmor-5-0-migliora-la-sicurezza-su-linux-con-policy-piu-avanzate/?utm_source=mastodon&utm_medium=jetpack_social

AppArmor 5.0 migliora la sicurezza su Linux con policy più avanzate

AppArmor 5.0 introduce nuove policy, miglioramenti sicurezza e gestione avanzata per sistemi Linux moderni.

Linux Easy
AskUbuntuApr 20

User space appamor profile #apparmor #electron

https://askubuntu.com/q/1565839/612

User space appamor profile

Is it possible to build a user-space apparmor profile? I have an Electron app, and a bunch of users that prefer installing their apps in their home rather than in the root. Unfortunately, running the

Ask Ubuntu
AskUbuntuApr 19

User land appamor profile #apparmor #electron

https://askubuntu.com/q/1565839/612

User land appamor profile

Is it possible to build a user-land apparmor profile? I have an Electron app, and a bunch of users that prefer installing their apps in their home rather than in the root. Unfortunately, running the

Ask Ubuntu
Show threadEddy JanssonApr 12
These #apparmor profiles are checked when running 'apt update' on #Ubuntu and #LinuxMint, so the kernel log/dmesg would fill up just from the update manager running it periodically.
Who Let The Dogs Out 🐾Apr 9

Компания Qualys сообщила о девяти уязвимостях в AppArmor и объединила находки под названием CrackArmor.

https://blog.qualys.com/vulnerabilities-threat-research/2026/03/12/crackarmor-critical-apparmor-flaws-enable-local-privilege-escalation-to-root

Проблема появилась ещё в 2017 году вместе с ядром Linux версии 4.11.

AppArmor входит в ядро Linux и выполняет роль обязательного контроля доступа. Механизм ограничивает возможности отдельных программ, не позволяя приложениям читать чужие файлы, выполнять опасные системные вызовы или получать дополнительные права.

CrackArmor позволяет локальному пользователю без прав root-а манипулировать профилями безопасности через специальные псевдофайлы в каталоге /sys/kernel/security/apparmor/. В результате атакующий способен повысить привилегии до уровня root.

До появления патчей необходимо контролировать изменения в каталоге `/sys/kernel/security/apparmor/`, поскольку подозрительная модификация профилей может указывать на попытку эксплуатации уязвимости.

https://www.securitylab.ru/news/570418.php

#Linux #apparmor #crackarmor #vulnerability

CrackArmor Vulnerability 2026: AppArmor Root Access & Qualys Detection | Qualys

CrackArmor — nine AppArmor flaws enable root access & container escape on 12M+ Linux systems. Qualys TRU discovered & validated. Learn attack paths, impact, and immediate mitigation steps. Patch now.

Qualys
Nizar Kerkeni 🇹🇳 نزار القرقنيMar 23

CrackArmor : failles AppArmor Linux - corrigez Ubuntu et Debian maintenant

https://goodtech.info/crackarmor-failles-apparmor-linux-ubuntu-debian-escalade-root-correctifs/

#CrackArmor #AppArmor #Linux #Debian #Ubuntu #CVE

🔴 CrackArmor : 9 failles AppArmor menacent 12,6 millions de serveurs Linux - patchez maintenant

Les chercheurs Qualys révèlent CrackArmor : 9 vulnérabilités AppArmor permettant l'escalade root sur Ubuntu, Debian et SUSE. Correctifs disponibles, redémarrage obligatoire.

Goodtech
Hackaday [Unofficial]Mar 20

This Week in Security: Linux Flaws, Python Ownage, and a Botnet Shutdown

https://fed.brid.gy/r/https://hackaday.com/2026/03/20/this-week-in-security-linux-flaws-python-ownage-and-a-botnet-shutdown/