CVE-2026-46254

Source
https://cve.org/CVERecord?id=CVE-2026-46254
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46254.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46254
Downstream
Related
Published
2026-06-03T15:49:50.994Z
Modified
2026-07-09T18:31:32.471174947Z
Summary
AppArmor: Allow apparmor to handle unaligned dfa tables
Details

In the Linux kernel, the following vulnerability has been resolved:

AppArmor: Allow apparmor to handle unaligned dfa tables

The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures. Resulting in the following

[   73.901376] WARNING: CPU: 0 PID: 341 at security/apparmor/match.c:316 aadfaunpack+0x6cc/0x720 [   74.015867] Modules linked in: binfmtmisc evdev flash sg drm drmpanelorientationquirks backlight i2ccore configfs nfnetlink autofs4 ext4 crc16 mbcache jbd2 hidgeneric usbhid srmod hid cdrom sdmod atageneric ohcipci ehcipci ehcihcd ohcihcd pataali libata sym53c8xx scsitransportspi tg3 scsimod usbcore libphy scsicommon mdiobus usbcommon [   74.428977] CPU: 0 UID: 0 PID: 341 Comm: apparmorparser Not tainted 6.18.0-rc6+ #9 NONE [   74.536543] Call Trace: [   74.568561] [<0000000000434c24>] dumpstack+0x8/0x18 [   74.633757] [<0000000000476438>] __warn+0xd8/0x100 [   74.696664] [<00000000004296d4>] warnslowpathfmt+0x34/0x74 [   74.771006] [<00000000008db28c>] aadfaunpack+0x6cc/0x720 [   74.843062] [<00000000008e643c>] unpackpdb+0xbc/0x7e0 [   74.910545] [<00000000008e7740>] unpackprofile+0xbe0/0x1300 [   74.984888] [<00000000008e82e0>] aaunpack+0xe0/0x6a0 [   75.051226] [<00000000008e3ec4>] aareplaceprofiles+0x64/0x1160 [   75.130144] [<00000000008d4d90>] policyupdate+0xf0/0x280 [   75.201057] [<00000000008d4fc8>] profilereplace+0xa8/0x100 [   75.274258] [<0000000000766bd0>] vfswrite+0x90/0x420 [   75.340594] [<00000000007670cc>] ksyswrite+0x4c/0xe0 [   75.406932] [<0000000000767174>] syswrite+0x14/0x40 [   75.472126] [<0000000000406174>] linuxsparcsyscall+0x34/0x44 [   75.548802] ---[ end trace 0000000000000000 ]--- [   75.609503] dfa blob stream 0xfff0000008926b96 not aligned. [   75.682695] Kernel unaligned access at TPC[8db2a8] aadfaunpack+0x6e8/0x720

Work around it by using the getunalignedxx() helpers.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46254.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e6e8bf418850d7958311a96ccfb594f2bcc8313e
Fixed
ec737e7fdf2f0ba7b203d4ec72cc915978b10e7e
Fixed
23f112bd6144e815153462e12d313ac3e7027168
Fixed
cded636008bde2b397a7cf63b8299d7c303aaf6a
Fixed
64802f731214a51dfe3c6c27636b3ddafd003eb0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46254.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.11.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46254.json"