Critical: Crack Armor AppArmor Vulnerabilities Allow Privilege Escalation (CVE-2026-23268, CVE-2026-23269)

**Describe the bug**
Multiple critical vulnerabilities (collectively named **Crack Armor**) have been discovered in AppArmor, enabling local privilege escalation to root. These should be addressed as top priority for the security of Azure Linux.

CVE-2026-23268, CVE-2026-23269, and related pending CVEs are involved.

- [Qualys Security Blog: CrackArmor - Critical AppArmor Flaws Enable Local Privilege Escalation to Root](https://blog.qualys.com/vulnerabilities-threat-research/2026/03/12/crackarmor-critical-apparmor)

**Expected behavior**
Please resolve CVEs in new version of Azure Linux and/or advise on mitigations

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Critical: Crack Armor AppArmor Vulnerabilities Allow Privilege Escalation (CVE-2026-23268, CVE-2026-23269) #16260

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Critical: Crack Armor AppArmor Vulnerabilities Allow Privilege Escalation (CVE-2026-23268, CVE-2026-23269) #16260

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions