AppArmor was default till mid Feb 2025 so I guess quite some systems still run AppArmour.
No security risks if you are the only user on your systems, but I can image some Suse personal working over the weekend.
4 Likes
Appreciate the post. I did a generic Internet search of this subject and found an article (webpage) at Ubuntu … addressing the vulnerability and how to fix it (for Ubuntu users).
Oddly, I don’t see any posts at this time from other Linux distros addressing this.
.
Odd not detected sooner than now …
" ‘CrackArmor’ refers to a set of nine critical vulnerabilities discovered by Qualys researchers in the Linux kernel’s AppArmor security module, made public on March 12-13, 2026. These flaws affect over 12.6 million enterprise Linux instances running Ubuntu, Debian, and SUSE, with the vulnerabilities originating in kernel version 4.11 from 2017."
1 Like
Looks to me patches have been released in kernel 6.19.8 based on Tumbleweed snapshot 20260318.
What is remarkable to me that it is done via the kernel.
$ sudo grep -m 1 ‘6.19.8’ /var/log/zypper.log
2026-03-19 22:33:22 <1> eclipse(12913) [zypper++] Summary.cc(readPool):281 U_Ts_rs(13665)kernel-default-6.19.8-1.1.x86_64(openSUSE:repo-oss)