9 AppArmor vulnerabilities expose millions of Linux systems to root access

As reported by HackRead, nine critical vulnerabilities have been discovered in AppArmor, a widely used security tool for Linux systems. These flaws, present since 2017, could potentially affect over 12.6 million enterprise systems, including those running Ubuntu, Debian, and SUSE.

The vulnerabilities, described as "confused deputy" flaws, allow low-privilege users to trick trusted programs like Sudo or Postfix into performing dangerous actions. This enables attackers to write to hidden pseudo-files, bypass security boundaries, and gain root access, effectively taking complete control of a system. Researchers also found that these flaws can be exploited to break out of containerized environments, a significant concern for applications designed to run in isolation.

The potential impact includes denial-of-service attacks and the ability to disable critical security protections on background services, posing a serious risk to sectors like banking, healthcare, and telecommunications. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security (DHS) have issued emergency bulletins to critical infrastructure sectors, underscoring the severity of the threat.

Source: HackRead