What are CrackArmor AppArmor vulnerabilities?

Nine kernel bugs letting unprivileged users escalate to root, escape containers, and crash systems on Linux since 2017.

Are my Kubernetes nodes affected by AppArmor bugs?

Yes, if Ubuntu/Debian/SUSE with kernel 4.11+ and AppArmor active — check aa-status and uname -r.

How to fix AppArmor kernel vulnerabilities?

Update to latest kernel patches from your distro; backports in Ubuntu HWE, Debian stable, SUSE SLES.

How many systems hit by CrackArmor?

12.6 million enterprise Linux instances with AppArmor enabled.

☁️ Cloud & Infrastructure

CrackArmor: 9 AppArmor Flaws Expose 12.6M Linux Nodes to Root Takeover

Hidden since 2017, nine AppArmor bugs let unprivileged users grab root and bust out of containers. Over 12.6 million Linux instances — think Kubernetes nodes — hang in the balance.

DevTools Feed Apr 03, 2026 4 min read 15 views

Infographic of CrackArmor AppArmor vulnerabilities exposing Linux systems and Kubernetes containers

⚡ Key Takeaways

Nine AppArmor bugs enable root escalation and container escapes on 12.6M systems since 2017. 𝕏
Kubernetes on Ubuntu/Debian most at risk; escape from pod to host nullifies isolation. 𝕏
Patch immediately: Run aa-status and update kernels; SELinux users (RHEL) unaffected. 𝕏

Published by

DevTools Feed

Ship faster. Build smarter.

#AppArmor vulnerabilities #CrackArmor #Kubernetes security #Linux kernel bugs

Worth sharing?

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by dev.to

⚡ Key Takeaways

The 60-Second TL;DR

DevTools Feed

Share this article

Worth sharing?

Related Stories

Kubernetes 1.35 Sneaks Safer CSI Tokens Past the Logs — Without Breaking Your Setup

Fake Token Hijacks Solana's Drift Governance — $285M Gone in 12 Minutes

CrisisPulse: One HTML File Tracks Global Conflicts Serverlessly

Gold Buries Treasuries as Reserve King

Stay in the loop