nicod_CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root | Qualys
All Linux kernels since v4.11 are vulnerable on any distribution that integrates AppArmor — including Ubuntu, Debian, SUSE, and their derivatives — exposing a flaw that any unprivileged local user can exploit.
Outch. 😬
CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root | Qualys
Qualys TRU has discovered confused deputy vulnerabilities in AppArmor (named “CrackArmor”) that allow unprivileged users to bypass kernel protections, escalate to root, and break container isolation. The flaw has existed since 2010, and compromises 20 million+ systems globally. Immediate kernel patching is recommended to neutralize these vulnerabilities.