CVEs related to bugs in AppArmor

Open bugs

Bug CVE(s)
Bug #1383886: disable sha-1 hashing for policy for Ubuntu Touch CVE-2014-8134
AppArmor In progress, assigned to John Johansen
Bug #1496430: Docker-1.8.2 can't create container, due to apparmor denying 'disconnected path' CVE-2015-2925
CVE-2015-5156
CVE-2015-5257
CVE-2015-6937
CVE-2015-7312
AppArmor In progress, assigned to John Johansen
Bug #1597017: mount rules grant excessive permissions CVE-2016-1585
AppArmor New (unassigned)
Bug #1648903: Permission denied and inconsistent behavior in complain mode with 'ip netns list' command CVE-2017-5986
CVE-2017-6353
AppArmor In progress, assigned to John Johansen
Bug #1656121: unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt from a unshared mount namespace CVE-2017-5986
CVE-2017-6353
CVE-2017-7184
AppArmor Confirmed (unassigned)
Bug #1658219: flock not mediated by 'k' CVE-2017-7184
AppArmor In progress, assigned to John Johansen
Bug #1677959: change_profile incorrect when using namespaces with a compound stack CVE-2017-7308
AppArmor New (unassigned)
Bug #1780534: Default usr.lib.ipsec.stroke profile causes segfault for 'ipsec status' CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
AppArmor New (unassigned)
Bug #1824812: apparmor does not start in Disco LXD containers CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-3620
CVE-2018-3639
CVE-2018-3646
CVE-2019-11683
CVE-2019-1999
CVE-2019-3874
CVE-2019-3882
CVE-2019-3887
CVE-2019-9500
CVE-2019-9503
AppArmor Triaged (unassigned)

Resolved bugs

Bug CVE(s)
Bug #789409: /proc/[PID]/attr/current overwrite Null pointer dereference CVE-2011-0716
CVE-2011-1162
CVE-2011-1576
CVE-2011-1759
CVE-2011-1927
CVE-2011-2182
CVE-2011-2203
CVE-2011-2498
CVE-2011-2518
CVE-2011-3353
CVE-2011-3619
CVE-2011-4110
CVE-2011-4622
CVE-2012-0038
CVE-2012-0044
AppArmor Fix released, assigned to Kees Cook
Bug #1236455: Running tasks are not subject to reloaded policies CVE-2013-2929
AppArmor Fix released (unassigned)
Bug #1590561: webbrowser-app crashes on startup on fresh zesty Unity8: No suitable EGL configs found CVE-2017-6507
AppArmor Fix released, assigned to Olivier Tilloy
Bug #1634753: srcname from mount rule corrupted under load CVE-2016-5195
CVE-2016-7425
CVE-2016-8658
AppArmor Invalid by John Johansen
Bug #1668892: CVE-2017-6507: apparmor service restarts and package upgrades unload privately managed profiles CVE-2017-6507
AppArmor Fix released, assigned to juan serven