The Qualys Threat Research Unit (TRU) publicly disclosed nine vulnerabilities in AppArmor on March 12, 2026, collectively naming them CrackArmor. AppArmor is a Linux Security Module (LSM) that ships as the default mandatory access control (MAC) layer on Ubuntu, Debian, SUSE, and a wide range of cloud, Kubernetes, IoT, and edge platforms. The flaws have existed undetected since Linux kernel version 4.11, released in 2017 — nearly nine years.

  • 9 vulnerabilities disclosed
  • 12.6M+ enterprise Linux instances affected
  • ~9 years in the kernel (since v4.11, 2017)
  • 0 CVEs assigned (as of publication)

Using Qualys CyberSecurity Asset Management telemetry, the researchers estimated that more than 12.6 million enterprise Linux instances run with AppArmor enabled by default, a figure that grows further once Kubernetes clusters, IoT devices, and edge deployments are counted. Because AppArmor is on by default across these environments, the exposed population is correspondingly large.

“CrackArmor proves that even the most entrenched protections can be bypassed without admin credentials. For CISOs, this means patching alone isn’t enough; we must re-examine our entire assumption of what ‘default’ configurations mean for our infrastructure.” — Dilip Bachwani, Chief Technology Officer, Qualys

The Confused Deputy Problem

At the heart of CrackArmor is a confused deputy vulnerability — a class of flaw in which an unprivileged actor tricks a privileged process into performing unauthorized actions on their behalf. Qualys described the mechanism as akin to “an intruder convincing a building manager with master keys to open restricted vaults that the intruder cannot enter alone.”

In practice, AppArmor exposes its policy interface as pseudo-files under /sys/kernel/security/apparmor/ (securityfs), notably .load, .replace, and .remove, through which profiles are loaded, replaced, and removed. The authorization check runs when data is written to one of these files, and it is evaluated against the credentials of the process performing the write, not against the process that opened the descriptor. An unprivileged user can therefore open one of these files, hold the descriptor, and arrange for a trusted setuid-root program such as sudo, Postfix, or su to write attacker-chosen data through it. The policy operation is then carried out with the deputy's authority, and because the deputy's credentials are the ones evaluated, the restrictions that would have stopped the unprivileged caller, including the user-namespace restrictions, do not apply.

Canonical’s security advisory notes that exploitation in host deployments (outside containers) requires a cooperating privileged application such as a setuid binary. However, in container deployments running attacker-controlled images, the kernel vulnerabilities can be exploited without any such cooperation.
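To make the timing of the credential check concrete, here is a small userspace model, added for this page and not taken from AppArmor or kernel source, of the pattern the advisory describes. A policy-interface "file" is opened by an unprivileged task and written by a privileged one; the only difference between the vulnerable and the hardened variant is whether write() authorizes the task doing the write (what the kernel calls current) or the task that opened the descriptor (the credentials the kernel keeps in file->f_cred). The struct layouts, the root "deputy" standing in for a setuid binary, and the use of CAP_MAC_ADMIN as the only gate are simplifications of the model; the page does not describe the upstream fix, so the "check the opener" variant is shown as the general remedy for this bug class, not as the CrackArmor patch.

```c
/* Userspace model of the CrackArmor confused-deputy pattern (added example; not
 * AppArmor or kernel code). It shows why a write-time check against the writer's
 * credentials lets an unprivileged opener borrow a privileged writer's authority,
 * and how checking the opener's credentials instead closes that path. */
#include <stdbool.h>
#include <stdio.h>

#define CAP_MAC_ADMIN 33   /* real Linux capability number; the checks here are a model */

/* Model of the subset of struct cred the check needs. */
struct cred {
    unsigned int uid;
    unsigned long caps;    /* bitmask of capabilities */
};

/* Model of an open policy-interface descriptor (.load / .replace / .remove).
 * Like the kernel's struct file it remembers the opener's credentials (f_cred). */
struct policy_file {
    const char *name;
    struct cred f_cred;
    bool authorize_writer;  /* true: check the task doing the write (vulnerable);
                             * false: check the task that opened it (hardened) */
};

static bool capable(const struct cred *c, int cap)
{
    return (c->caps >> cap) & 1UL;
}

/* open(): in the vulnerable pattern nothing beyond mode bits is checked here, so an
 * unprivileged task can obtain the descriptor; we only record who opened it. */
static struct policy_file policy_open(const char *name, const struct cred *opener,
                                      bool authorize_writer)
{
    struct policy_file f = { name, *opener, authorize_writer };
    return f;
}

/* write(): returns 0 if the policy change is accepted, -1 if refused.
 * `current` is the task performing the write. */
static int policy_write(const struct policy_file *f, const struct cred *current,
                        const char *payload)
{
    const struct cred *subject = f->authorize_writer ? current : &f->f_cred;

    if (!capable(subject, CAP_MAC_ADMIN)) {
        printf("%s: refused write (uid %u lacks CAP_MAC_ADMIN)\n", f->name, subject->uid);
        return -1;
    }
    printf("%s: accepted policy write \"%s\" on behalf of uid %u\n",
           f->name, payload, subject->uid);
    return 0;
}

/* The scenario from the advisory: uid 1000 opens the interface, then hands the
 * descriptor to a privileged deputy (modelled as a root task with CAP_MAC_ADMIN,
 * standing in for a setuid binary) which performs the write. */
static int deputy_write_outcome(bool authorize_writer)
{
    struct cred user   = { 1000, 0 };
    struct cred deputy = { 0, 1UL << CAP_MAC_ADMIN };
    struct policy_file fd = policy_open(".remove", &user, authorize_writer);

    return policy_write(&fd, &deputy, "remove-profile");
}

/* Control case: a legitimately privileged administrator opens and writes itself;
 * both variants must accept this, otherwise the fix would break normal policy loads. */
static int admin_write_outcome(bool authorize_writer)
{
    struct cred admin = { 0, 1UL << CAP_MAC_ADMIN };
    struct policy_file fd = policy_open(".load", &admin, authorize_writer);

    return policy_write(&fd, &admin, "load-profile");
}

int main(void)
{
    printf("vulnerable (check writer): deputy=%d admin=%d\n",
           deputy_write_outcome(true), admin_write_outcome(true));
    printf("hardened   (check opener): deputy=%d admin=%d\n",
           deputy_write_outcome(false), admin_write_outcome(false));
    return 0;
}
```

Run as-is and the vulnerable variant accepts the deputy's write while the hardened one refuses it; both accept the administrator's own write. The real interface also evaluates AppArmor policy-namespace rules, which the model omits, and it is the same write-time evaluation that makes the user-namespace bypass in the table below possible.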

Vulnerability Breakdown

The nine flaws span two distinct categories: confused-deputy policy manipulation and intrinsic kernel-level bugs within AppArmor’s own code.

| Category | Vulnerability | Severity | Impact |
| --- | --- | --- | --- |
| Confused deputy | Profile removal via setuid proxy | Critical | Strip protections from any confined system service (e.g. sshd, rsyslogd, cupsd) |
| Confused deputy | Profile loading via setuid proxy | Critical | Load deny-all profiles to cause denial of service |
| Confused deputy | User-namespace restriction bypass | Critical | Bypass Ubuntu's unprivileged user-namespace restrictions; enables root escalation |
| LPE chain | AppArmor + Sudo + Postfix = root | Critical | Full local privilege escalation to root; passwordless root via /etc/passwd |
| Kernel bug | Uncontrolled recursion in profile removal | High | Stack exhaustion, kernel panic, forced system reboot (DoS) |
| Kernel bug | Out-of-bounds read in DFA verification | High | Kernel memory disclosure that defeats KASLR and supports follow-on exploitation chains |
| Kernel bug | Use-after-free in profile handling | High | Memory corruption; potential for code execution |
| Kernel bug | Double-free in aa_replace_profiles() | High | Kernel memory corruption |
| Kernel bug | Infinite loop in differential-encoding verification | Medium | Denial of service via infinite loop |

Attack Consequences

Local Privilege Escalation to Root

By chaining the confused-deputy flaw with the Sudo email-notification vulnerability (also identified by Qualys in this research), an unprivileged user with a password set can execute commands as full root — for example, modifying /etc/passwd to create a passwordless root account. This is the most severe outcome and has been demonstrated via a working proof-of-concept developed by Qualys TRU, which has been shared with vendors but not publicly released.

Denial of Service

The uncontrolled recursion kernel bug allows an attacker to trigger stack exhaustion, causing a kernel panic and forcing a full system reboot. Separately, an attacker can load deny-all AppArmor profiles against critical services such as the SSH daemon, locking all users out of remote access.

Container Isolation Weakening

CrackArmor enables unprivileged users to create fully capable user namespaces, circumventing Ubuntu's AppArmor-based restrictions on unprivileged namespaces, including on releases where the previously published bypasses of that restriction have already been closed. In container environments running potentially malicious images, exploitation does not require a cooperating setuid binary. Container escape to the host is theoretically enabled but has not been practically demonstrated as of publication.

KASLR Bypass and Follow-on Exploitation

The out-of-bounds read discloses kernel memory, including kernel addresses, which defeats Kernel Address Space Layout Randomization (KASLR). On its own this is a local information leak, but it removes a mitigation that later stages of an attack depend on: an attacker holding the leaked addresses can target subsequent kernel exploits, local or remote, precisely instead of guessing.

Scope and Affected Distributions

Affected Systems: all Linux kernels from version 4.11 (released 2017) up to the March 2026 fixes on distributions that integrate AppArmor are affected. This includes Ubuntu (all supported releases), Debian (stable and testing), SUSE Linux Enterprise, and any cloud, Kubernetes, IoT, or edge platform built on these distributions.

AppArmor has been part of the mainline Linux kernel since version 2.6.36. Its deep integration as a default security layer across enterprise infrastructure is precisely what makes CrackArmor particularly significant — the security module meant to contain threats has itself become the attack surface.

Coordinated Disclosure Timeline

2017 — Linux Kernel v4.11
Root cause introduced. Flaws exist undetected in production environments for nearly nine years.
Early 2026
Qualys TRU discovers the vulnerabilities. Coordinated disclosure process begins with Canonical, Debian, SUSE, the upstream Linux kernel security team, and Sudo’s maintainer. Process extends beyond typical timelines due to multiple patch review rounds.
March 12, 2026
Patches land in Linus Torvalds’ upstream kernel tree. Qualys publishes the CrackArmor advisory. Debian releases a security update (version 6.12.74-2 for stable/trixie). Canonical releases kernel security updates and userspace mitigations for all affected Ubuntu releases.
March 13, 2026
Canonical publishes a detailed vulnerability knowledge base article. Ubuntu Security Team releases patches for su (in the util-linux package) and for sudo.
CVE Assignment — Pending
No CVE identifiers have been assigned as of publication. The Linux kernel CVE assignment process intentionally delays IDs until one to two weeks after fixes stabilize in a stable release. Qualys urges organizations not to let the absence of CVEs delay remediation.

Recommended Actions

  • 01 Apply kernel security updates immediately. Ubuntu, Debian, and their derivatives have released patched kernels. Emergency maintenance windows should be opened without delay. Kernel patching is the non-negotiable priority; userspace mitigations alone are insufficient.
  • 02 Apply userspace mitigations. Install the security updates for util-linux (the su utility) and sudo on all Ubuntu systems. These mitigate the confused-deputy exploitation path while kernel patches propagate.
  • 03 Monitor the AppArmor policy interface. Alert on writes to the securityfs interface files .load, .replace, and .remove under /sys/kernel/security/apparmor/, for example with audit rules; file-integrity tools that hash on-disk files will not see these writes, because the interface is not backed by disk. Also alert on unexpected changes to the set and mode of loaded profiles as reported by aa-status.
  • 04 Enumerate affected assets. Use asset management tooling (e.g., Qualys CSAM or equivalent) to identify all Ubuntu, Debian, and SUSE systems running AppArmor across on-premises, cloud, and container environments.
  • 05 Do not downgrade urgency due to absent CVEs. CVE identifiers will be assigned one to two weeks after stable kernel release. The lack of a CVE number does not reduce the severity or exploitability of these vulnerabilities.
  • 06 Note: Ubuntu 25.10+ (Questing Quokka) users. sudo-rs (the Rust rewrite of sudo) is the default on Ubuntu 25.10 and later. It is not affected by the Sudo email-notification vulnerability, as it does not implement that feature. The kernel-side CrackArmor flaws are independent of sudo, so these systems still need the kernel update.
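Item 03 watches the write side of the interface. A complementary check, added here as an example rather than taken from the advisory or from Canonical's guidance, is to snapshot the set of loaded profiles and alert when a profile disappears or drops out of enforce mode, which is the observable result of the profile-removal and deny-all outcomes described above. The listing format, one `name (mode)` line per profile, is what the kernel exposes in the root-readable file /sys/kernel/security/apparmor/profiles and what aa-status prints; the two snapshots in the block are constructed sample data and the profile names are illustrative.

```c
/* Detection of AppArmor profile removal or mode downgrade by diffing two loaded-profile
 * listings (added example; not from the advisory). Input format is the kernel's
 * "name (mode)" per line, as read from /sys/kernel/security/apparmor/profiles. */
#include <stdio.h>
#include <string.h>

#define MAX_PROFILES 64
#define NAME_LEN 128
#define MODE_LEN 16

struct profile {
    char name[NAME_LEN];
    char mode[MODE_LEN];
};

/* Parse "name (mode)" lines into `out`; lines that do not fit the pattern are ignored.
 * The mode is taken from the last "(...)" so names containing '(' still parse.
 * Returns the number of profiles parsed. */
static int parse_profiles(const char *listing, struct profile *out, int max)
{
    char line[NAME_LEN + MODE_LEN + 4];
    int n = 0;

    while (*listing && n < max) {
        const char *eol = strchr(listing, '\n');
        size_t len = eol ? (size_t)(eol - listing) : strlen(listing);

        if (len > 0 && len < sizeof line) {
            char *paren, *end;

            memcpy(line, listing, len);
            line[len] = '\0';
            paren = strrchr(line, '(');
            end = line + len - 1;
            if (paren && paren > line && paren[-1] == ' ' && *end == ')') {
                *end = '\0';                   /* strip ')' */
                paren[-1] = '\0';              /* terminate the name before " (" */
                snprintf(out[n].name, NAME_LEN, "%s", line);
                snprintf(out[n].mode, MODE_LEN, "%s", paren + 1);
                n++;
            }
        }
        listing += len + (eol ? 1 : 0);
    }
    return n;
}

static int find_profile(const struct profile *list, int n, const char *name)
{
    for (int i = 0; i < n; i++)
        if (strcmp(list[i].name, name) == 0)
            return i;
    return -1;
}

/* Compare a baseline listing with the current one. Returns the number of alerts:
 * one per profile that vanished (the "strip protections" outcome) or whose mode
 * changed (e.g. enforce -> complain). Profiles only present in `current` are
 * reported as INFO but not counted. */
static int audit_profiles(const char *baseline_listing, const char *current_listing)
{
    struct profile base[MAX_PROFILES], cur[MAX_PROFILES];
    int nb = parse_profiles(baseline_listing, base, MAX_PROFILES);
    int nc = parse_profiles(current_listing, cur, MAX_PROFILES);
    int alerts = 0;

    for (int i = 0; i < nb; i++) {
        int j = find_profile(cur, nc, base[i].name);
        if (j < 0) {
            printf("ALERT profile removed: %s (was %s)\n", base[i].name, base[i].mode);
            alerts++;
        } else if (strcmp(base[i].mode, cur[j].mode) != 0) {
            printf("ALERT mode changed: %s %s -> %s\n",
                   base[i].name, base[i].mode, cur[j].mode);
            alerts++;
        }
    }
    for (int j = 0; j < nc; j++)
        if (find_profile(base, nb, cur[j].name) < 0)
            printf("INFO new profile: %s (%s)\n", cur[j].name, cur[j].mode);
    return alerts;
}

/* Constructed sample snapshots (not captured from a real host). */
static const char BASELINE_LISTING[] =
    "/usr/sbin/sshd (enforce)\n"
    "/usr/sbin/cupsd (enforce)\n"
    "/usr/sbin/rsyslogd (enforce)\n"
    "docker-default (enforce)\n";

static const char CURRENT_LISTING[] =
    "/usr/sbin/cupsd (complain)\n"
    "/usr/sbin/rsyslogd (enforce)\n"
    "docker-default (enforce)\n"
    "/usr/bin/example-agent (enforce)\n";

static int count_profiles(const char *listing)
{
    struct profile tmp[MAX_PROFILES];
    return parse_profiles(listing, tmp, MAX_PROFILES);
}

int main(void)
{
    int alerts = audit_profiles(BASELINE_LISTING, CURRENT_LISTING);
    printf("%d alert(s)\n", alerts);
    return alerts ? 1 : 0;
}
```

On the sample data the run reports two alerts (sshd removed, cupsd downgraded to complain) and one informational new profile. A profile replaced through .replace under the same name and mode does not show up in this listing, so for that case compare the per-profile hashes the kernel exposes under /sys/kernel/security/apparmor/policy/ (the exact path and hash algorithm vary by kernel version) or re-verify against the on-disk policy cache.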

Context and Significance

This is not the first time Qualys TRU has uncovered serious privilege escalation flaws in default Linux security components. In 2022, the team disclosed two vulnerabilities in Ubuntu’s Snap packaging system that similarly allowed unprivileged code execution as root. AppArmor itself was previously recommended as a mitigating control against the Dirty Pipe privilege escalation vulnerability in container environments that same year — making CrackArmor a notable irony: the guard has become the vulnerability.

The coordinated disclosure, which involved the upstream Linux kernel security team, Canonical, Debian, SUSE, and Sudo’s maintainer, extended significantly beyond typical timelines, according to Qualys — a reflection of the complexity of patching a vulnerability that spans both kernel code and multiple userspace components across major distributions.

“Immediate kernel patching remains the non-negotiable priority for neutralizing these critical vulnerabilities, as interim mitigation does not offer the same level of security assurance as restoring the vendor-fixed code path.” — Qualys Threat Research Unit, CrackArmor Advisory