Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor apparmor vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Core 15.04
9.8
CVSSv3
CVE-2016-1585
In all versions of AppArmor mount rules are accidentally widened when compiled.
Canonical Apparmor
1 Github repository
NA
CVE-2008-0731
The Linux kernel prior to 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow malicious users to trigger the unconfining of an apparmored task.
Novell Apparmor
NA
CVE-2014-1424
apparmor_parser in the apparmor package prior to 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows malicious users to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."
Canonical Ubuntu 14.04
Ubuntu Apparmor
7.5
CVSSv3
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
4.7
CVSSv3
CVE-2019-11190
The Linux kernel prior to 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
Linux Linux Kernel
NA
CVE-2013-4459
LightDM 1.7.5 up to and including 1.8.3 and 1.9.x prior to 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.8.0
Robert Ancell Lightdm 1.9.0
Robert Ancell Lightdm 1.7.18
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.7.5
Robert Ancell Lightdm 1.8.3
Robert Ancell Lightdm 1.8.2
Robert Ancell Lightdm 1.8.1
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.17
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.16
Robert Ancell Lightdm 1.7.15
Robert Ancell Lightdm 1.9.1
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.7.14
Robert Ancell Lightdm 1.7.8
Canonical Ubuntu Linux 13.10
9.8
CVSSv3
CVE-2019-18814
An issue exists in the Linux kernel up to and including 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
Linux Linux Kernel
NA
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.1
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »