CVE-2026-46254 in Linux
Sumário
de MITRE • 03/06/2026
In the Linux kernel, the following vulnerability has been resolved:
AppArmor: Allow apparmor to handle unaligned dfa tables
The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures. Resulting in the following
[ 73.901376] WARNING: CPU: 0 PID: 341 at security/apparmor/match.c:316 aa_dfa_unpack+0x6cc/0x720
[ 74.015867] Modules linked in: binfmt_misc evdev flash sg drm drm_panel_orientation_quirks backlight i2c_core configfs nfnetlink autofs4 ext4 crc16 mbcache jbd2 hid_generic usbhid sr_mod hid cdrom
sd_mod ata_generic ohci_pci ehci_pci ehci_hcd ohci_hcd pata_ali libata sym53c8xx scsi_transport_spi tg3 scsi_mod usbcore libphy scsi_common mdio_bus usb_common [ 74.428977] CPU: 0 UID: 0 PID: 341 Comm: apparmor_parser Not tainted 6.18.0-rc6+ #9 NONE
[ 74.536543] Call Trace:
[ 74.568561] [] dump_stack+0x8/0x18
[ 74.633757] [] __warn+0xd8/0x100
[ 74.696664] [] warn_slowpath_fmt+0x34/0x74
[ 74.771006] [] aa_dfa_unpack+0x6cc/0x720
[ 74.843062] [] unpack_pdb+0xbc/0x7e0
[ 74.910545] [] unpack_profile+0xbe0/0x1300
[ 74.984888] [] aa_unpack+0xe0/0x6a0
[ 75.051226] [] aa_replace_profiles+0x64/0x1160
[ 75.130144] [] policy_update+0xf0/0x280
[ 75.201057] [] profile_replace+0xa8/0x100
[ 75.274258] [] vfs_write+0x90/0x420
[ 75.340594] [] ksys_write+0x4c/0xe0
[ 75.406932] [] sys_write+0x14/0x40
[ 75.472126] [] linux_sparc_syscall+0x34/0x44
[ 75.548802] ---[ end trace 0000000000000000 ]---
[ 75.609503] dfa blob stream 0xfff0000008926b96 not aligned.
[ 75.682695] Kernel unaligned access at TPC[8db2a8] aa_dfa_unpack+0x6e8/0x720
Work around it by using the get_unaligned_xx() helpers.
Be aware that VulDB is the high quality source for vulnerability data.