Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apparmor apparmor vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
NA
CVE-2008-0731
The Linux kernel prior to 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow malicious users to trigger the unconfining of an apparmored task.
Novell Apparmor
9.8
CVSSv3
CVE-2016-1585
In all versions of AppArmor mount rules are accidentally widened when compiled.
Canonical Apparmor
1 Github repository
NA
CVE-2014-1424
apparmor_parser in the apparmor package prior to 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows malicious users to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."
Ubuntu Apparmor
Canonical Ubuntu 14.04
7.5
CVSSv3
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
4.7
CVSSv3
CVE-2019-11190
The Linux kernel prior to 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
Linux Linux Kernel
NA
CVE-2013-4459
LightDM 1.7.5 up to and including 1.8.3 and 1.9.x prior to 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
Robert Ancell Lightdm 1.7.12
Robert Ancell Lightdm 1.7.11
Robert Ancell Lightdm 1.7.10
Robert Ancell Lightdm 1.7.9
Robert Ancell Lightdm 1.9.0
Robert Ancell Lightdm 1.8.3
Robert Ancell Lightdm 1.7.15
Robert Ancell Lightdm 1.7.13
Robert Ancell Lightdm 1.7.8
Robert Ancell Lightdm 1.7.6
Robert Ancell Lightdm 1.8.2
Robert Ancell Lightdm 1.8.1
Robert Ancell Lightdm 1.8.0
Robert Ancell Lightdm 1.7.18
Robert Ancell Lightdm 1.7.17
Robert Ancell Lightdm 1.9.1
Robert Ancell Lightdm 1.7.16
Robert Ancell Lightdm 1.7.14
Robert Ancell Lightdm 1.7.7
Robert Ancell Lightdm 1.7.5
Canonical Ubuntu Linux 13.10
9.8
CVSSv3
CVE-2019-18814
An issue exists in the Linux kernel up to and including 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
Linux Linux Kernel
NA
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.0
Linuxcontainers Lxc 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »