In the Linux kernel, the following vulnerability has been resolved:
AppArmor: Allow apparmor to handle unaligned dfa tables
The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures. Resulting in the following
[ 73.901376] WARNING: CPU: 0 PID: 341 at security/apparmor/match.c:316 aadfaunpack+0x6cc/0x720 [ 74.015867] Modules linked in: binfmtmisc evdev flash sg drm drmpanelorientationquirks backlight i2ccore configfs nfnetlink autofs4 ext4 crc16 mbcache jbd2 hidgeneric usbhid srmod hid cdrom sdmod atageneric ohcipci ehcipci ehcihcd ohcihcd pataali libata sym53c8xx scsitransportspi tg3 scsimod usbcore libphy scsicommon mdiobus usbcommon [ 74.428977] CPU: 0 UID: 0 PID: 341 Comm: apparmorparser Not tainted 6.18.0-rc6+ #9 NONE [ 74.536543] Call Trace: [ 74.568561] [<0000000000434c24>] dumpstack+0x8/0x18 [ 74.633757] [<0000000000476438>] __warn+0xd8/0x100 [ 74.696664] [<00000000004296d4>] warnslowpathfmt+0x34/0x74 [ 74.771006] [<00000000008db28c>] aadfaunpack+0x6cc/0x720 [ 74.843062] [<00000000008e643c>] unpackpdb+0xbc/0x7e0 [ 74.910545] [<00000000008e7740>] unpackprofile+0xbe0/0x1300 [ 74.984888] [<00000000008e82e0>] aaunpack+0xe0/0x6a0 [ 75.051226] [<00000000008e3ec4>] aareplaceprofiles+0x64/0x1160 [ 75.130144] [<00000000008d4d90>] policyupdate+0xf0/0x280 [ 75.201057] [<00000000008d4fc8>] profilereplace+0xa8/0x100 [ 75.274258] [<0000000000766bd0>] vfswrite+0x90/0x420 [ 75.340594] [<00000000007670cc>] ksyswrite+0x4c/0xe0 [ 75.406932] [<0000000000767174>] syswrite+0x14/0x40 [ 75.472126] [<0000000000406174>] linuxsparcsyscall+0x34/0x44 [ 75.548802] ---[ end trace 0000000000000000 ]--- [ 75.609503] dfa blob stream 0xfff0000008926b96 not aligned. [ 75.682695] Kernel unaligned access at TPC[8db2a8] aadfaunpack+0x6e8/0x720
Work around it by using the getunalignedxx() helpers.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46254.json",
"cna_assigner": "Linux"
}