← All advisories

Unrated severityNVD Advisory· Published Jun 9, 2026

CVE-2026-46328

CVE-2026-46328

Description

Linux kernel's AppArmor subsystem had a flaw in how it handled POSIX CPU timers, potentially affecting resource limits.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Linux kernel's AppArmor subsystem had a flaw in how it handled POSIX CPU timers, potentially affecting resource limits.

Vulnerability

The Linux kernel's AppArmor subsystem contained a flaw in its handling of resource limits for POSIX CPU timers. The vulnerability arises because setting the resource limit (rlimit) for POSIX CPU timers requires an additional step beyond the standard rlimit setting. The code was refactored to clarify when limits are set and to conditionally update POSIX CPU timers when appropriate.

Exploitation

Exploitation of this vulnerability is not detailed in the available references. However, it is implied that an attacker with the ability to manipulate resource limits within the AppArmor context could potentially trigger this issue.

Impact

The impact of this vulnerability is not explicitly detailed in the available references. However, a successful exploit could potentially lead to incorrect resource allocation or denial of service related to POSIX CPU timers within the affected Linux kernel versions.

Mitigation

This vulnerability has been resolved in the Linux kernel. The specific fixed version and release date are not provided in the available references. No workarounds are disclosed, and the vulnerability is not listed as actively exploited.

AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Linux/Kernelllm-fuzzy

Patches

16

6ca56813f4a5

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 7.0via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

e43818b16815

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 6.12.75via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index dcc94c3153d51..a7eee815f1215 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -201,6 +201,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

9bf1fa150775

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 6.18.14via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

e1cc11550b2f

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 5.10.252via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

2232d7cd2438

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 5.15.202via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

28aa93fcfb33

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 6.1.165via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

1f736dfe27c8

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 6.6.128via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index dcc94c3153d51..a7eee815f1215 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -201,6 +201,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

57d51d41b90e

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitJohn JohansenFixed in 6.19.4via kernel-cna

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

57d51d41b90e

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

e43818b16815

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index dcc94c3153d51..a7eee815f1215 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -201,6 +201,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

1f736dfe27c8

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index dcc94c3153d51..a7eee815f1215 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -201,6 +201,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

2232d7cd2438

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

28aa93fcfb33

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

e1cc11550b2f

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 1ae4874251a96..f94e416399441 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -182,6 +182,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     new->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

6ca56813f4a5

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

9bf1fa150775

apparmor: fix rlimit for posix cpu timers

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitJohn Johansenvia nvd-ref

1 file changed · +5 −1

security/apparmor/resource.c+5 −1 modified

diff --git a/security/apparmor/resource.c b/security/apparmor/resource.c
index 8e80db3ae21c0..64212b39ba4bb 100644
--- a/security/apparmor/resource.c
+++ b/security/apparmor/resource.c
@@ -196,6 +196,11 @@ void __aa_transition_rlimits(struct aa_label *old_l, struct aa_label *new_l)
 					     rules->rlimits.limits[j].rlim_max);
 			/* soft limit should not exceed hard limit */
 			rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
+			if (j == RLIMIT_CPU &&
+			    rlim->rlim_cur != RLIM_INFINITY &&
+			    IS_ENABLED(CONFIG_POSIX_TIMERS))
+				(void) update_rlimit_cpu(current->group_leader,
+							 rlim->rlim_cur);
 		}
 	}
 }
-- 
cgit 1.3-korg

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

8

News mentions

1

Linux Kernel: 25 Vulnerabilities Disclosed in Single Batch on June 8-9, 2026
Vypr Intelligence · Jun 9, 2026