• A set of AppArmor vulnerabilities

    From LWN.net@618:250/24 to All on Sat Mar 14 06:40:09 2026
    Qualys has sent out a somewhat breathless advisory describing a number of
    vulnerabilities in the AppArmor security module, which is used in a number
    of Debian-based distributions (among others).

    This "CrackArmor" advisory exposes a confused-deputy flaw allowing
    unprivileged users to manipulate security profiles via
    pseudo-files, bypass user-namespace restrictions, and execute
    arbitrary code within the kernel. These flaws facilitate local
    privilege escalation to root through complex interactions with
    tools like Sudo and Postfix, alongside denial-of-service attacks
    via stack exhaustion and Kernel Address Space Layout Randomization
    (KASLR) bypasses via out-of-bounds reads.

    https://lwn.net/Articles/1062778/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)