Qualys discovered vulnerabilities in the AppArmor Linux Security Module allowing an unprivileged local attacker to manipulate AppArmor profiles, leading to denial of service, information disclosure, privilege escalation, or container escape. The article also references multiple other kernel vulnerabilities across subsystems like x86, GPU drivers, BTRFS, and networking. Specific affected and fixed version ranges are provided for several CVEs, such as CVE-2022-48875 affecting Linux kernels prior to 5.10.165, 5.15.90, and 6.1.8, with corresponding fixed versions listed.
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - GPIO subsystem; - GPU drivers; - MMC subsystem; - BTRFS file system; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - SMC sockets; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2022-49267, CVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)