A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.129/6.12.76/6.18.17/6.19.7/7.0-rc3 . Affected is the function verify_dfa of the component apparmor . The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2026-23407 . The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.