目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2026-23406— Linux kernel 安全漏洞

CVSS 7.8 · High EPSS 0.18% · P7

影响版本矩阵 18

厂商产品版本范围状态
LinuxLinux074c1cd798cb0b481d7eaa749b64aa416563c053< c7dc56d8b37eda1396feeec3ab1c7ecee5eae31baffected
074c1cd798cb0b481d7eaa749b64aa416563c053< f16f2e5936c0f5f0d11fdf10d2be3e47e7108e42affected
074c1cd798cb0b481d7eaa749b64aa416563c053< 1fc94f16098213d01e56c97feed9b3ecf0147a37affected
074c1cd798cb0b481d7eaa749b64aa416563c053< 5a184f7cbdeaad17e16dedf3c17d0cd622edfed8affected
074c1cd798cb0b481d7eaa749b64aa416563c053< b73c1dff8a9d7eeaebabf8097a5b2de192f40913affected
074c1cd798cb0b481d7eaa749b64aa416563c053< 0510d1ba0976f97f521feb2b75b0572ea5df3cebaffected
074c1cd798cb0b481d7eaa749b64aa416563c053< 383b7270faf42564f133134c2fc3c24bbae52615affected
074c1cd798cb0b481d7eaa749b64aa416563c053< 8756b68edae37ff546c02091989a4ceab3f20abdaffected
… +10 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2026-23406 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
apparmor: fix side-effect bug in match_char() macro usage
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with *str++, the string pointer advances on each iteration of the inner do-while loop, causing the DFA to check different characters at each iteration and therefore skip input characters. This results in out-of-bounds reads when the pointer advances past the input buffer boundary. [ 94.984676] ================================================================== [ 94.985301] BUG: KASAN: slab-out-of-bounds in aa_dfa_match+0x5ae/0x760 [ 94.985655] Read of size 1 at addr ffff888100342000 by task file/976 [ 94.986319] CPU: 7 UID: 1000 PID: 976 Comm: file Not tainted 6.19.0-rc7-next-20260127 #1 PREEMPT(lazy) [ 94.986322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.986329] Call Trace: [ 94.986341] <TASK> [ 94.986347] dump_stack_lvl+0x5e/0x80 [ 94.986374] print_report+0xc8/0x270 [ 94.986384] ? aa_dfa_match+0x5ae/0x760 [ 94.986388] kasan_report+0x118/0x150 [ 94.986401] ? aa_dfa_match+0x5ae/0x760 [ 94.986405] aa_dfa_match+0x5ae/0x760 [ 94.986408] __aa_path_perm+0x131/0x400 [ 94.986418] aa_path_perm+0x219/0x2f0 [ 94.986424] apparmor_file_open+0x345/0x570 [ 94.986431] security_file_open+0x5c/0x140 [ 94.986442] do_dentry_open+0x2f6/0x1120 [ 94.986450] vfs_open+0x38/0x2b0 [ 94.986453] ? may_open+0x1e2/0x2b0 [ 94.986466] path_openat+0x231b/0x2b30 [ 94.986469] ? __x64_sys_openat+0xf8/0x130 [ 94.986477] do_file_open+0x19d/0x360 [ 94.986487] do_sys_openat2+0x98/0x100 [ 94.986491] __x64_sys_openat+0xf8/0x130 [ 94.986499] do_syscall_64+0x8e/0x660 [ 94.986515] ? count_memcg_events+0x15f/0x3c0 [ 94.986526] ? srso_alias_return_thunk+0x5/0xfbef5 [ 94.986540] ? handle_mm_fault+0x1639/0x1ef0 [ 94.986551] ? vma_start_read+0xf0/0x320 [ 94.986558] ? srso_alias_return_thunk+0x5/0xfbef5 [ 94.986561] ? srso_alias_return_thunk+0x5/0xfbef5 [ 94.986563] ? fpregs_assert_state_consistent+0x50/0xe0 [ 94.986572] ? srso_alias_return_thunk+0x5/0xfbef5 [ 94.986574] ? arch_exit_to_user_mode_prepare+0x9/0xb0 [ 94.986587] ? srso_alias_return_thunk+0x5/0xfbef5 [ 94.986588] ? irqentry_exit+0x3c/0x590 [ 94.986595] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 94.986597] RIP: 0033:0x7fda4a79c3ea Fix by extracting the character value before invoking match_char, ensuring single evaluation per outer loop.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于match_char宏存在副作用错误,可能导致越界读取。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 074c1cd798cb0b481d7eaa749b64aa416563c053 ~ c7dc56d8b37eda1396feeec3ab1c7ecee5eae31b -
LinuxLinux 4.17 -

二、漏洞 CVE-2026-23406 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2026-23406 的情报信息

登录查看更多情报信息。

同批安全公告 · Linux · 2026-04-01 · 共 11 条

CVE-2026-234117.8 HIGHLinux kernel 安全漏洞
CVE-2026-234107.8 HIGHLinux kernel 安全漏洞
CVE-2026-234087.8 HIGHLinux kernel 安全漏洞
CVE-2026-234077.8 HIGHLinux kernel 安全漏洞
CVE-2026-23409Linux kernel 安全漏洞
CVE-2026-23405Linux kernel 安全漏洞
CVE-2026-23404Linux kernel 安全漏洞
CVE-2026-23403Linux kernel 安全漏洞
CVE-2026-23402Linux kernel 安全漏洞
CVE-2026-23401Linux kernel 安全漏洞

IV. Related Vulnerabilities

V. Comments for CVE-2026-23406

暂无评论


发表评论