ISN 2026-07: AppArmor Vulnerabilities

First published 26 March 2026

CVSS:3.1: 7.8 (High)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A security vulnerability has been found in AppArmor, a mandatory access control (MAC) system used in IGEL OS. This affects the following product versions:

• IGEL OS 12

• IGEL OS 11

Details

Security researchers from Qualys have found multiple security vulnerabilities in AppArmor, which is part of the Linux kernel, and have nicknamed them CrackArmor. These vulnerabilities can be exploited by an unprivileged local user. Their consequences can include deactivating security controls, denial of service, disclosing kernel memory contents, and privilege escalation to root (CVE-2026-23268, CVE-2026-23269).

Overall, IGEL rates these local security issues as high.

Update Instructions

• OS 12: Update the base system app to version 12.8.0 or newer when available from the IGEL App Portal.

• OS 11: Update to IGEL OS 11.11.150 or newer when available.

References

• Qualys - CrackArmor: https://blog.qualys.com/vulnerabilities-threat-research/2026/03/12/crackarmor-critical-apparmor-flaws-enable-local-privilege-escalation-to-root

• Qualys - CrackArmor technical details: https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt

• CVE-2026-23268: https://nvd.nist.gov/vuln/detail/CVE-2026-23268

• CVE-2026-23269: https://nvd.nist.gov/vuln/detail/CVE-2026-23269