{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigqkqgwo5rcivepvazxjklmnhv7ioyfm7ph5aaxgvihozhc2jmqgu",
    "uri": "at://did:plc:b3tz6srl4ochk2wxn6dv6xpy/app.bsky.feed.post/3mgx4wfyrct22"
  },
  "path": "/Articles/1062778/",
  "publishedAt": "2026-03-13T14:02:32.000Z",
  "site": "https://lwn.net",
  "tags": [
    "a somewhat breathless advisory"
  ],
  "textContent": "Qualys has sent out a somewhat breathless advisory describing a number of vulnerabilities in the AppArmor security module, which is used in a number of Debian-based distributions (among others).\n\n> This \"CrackArmor\" advisory exposes a confused-deputy flaw allowing unprivileged users to manipulate security profiles via pseudo-files, bypass user-namespace restrictions, and execute arbitrary code within the kernel. These flaws facilitate local privilege escalation to root through complex interactions with tools like Sudo and Postfix, alongside denial-of-service attacks via stack exhaustion and Kernel Address Space Layout Randomization (KASLR) bypasses via out-of-bounds reads.",
  "title": "A set of AppArmor vulnerabilities"
}