diff --git a/security/apparmor/2.12.1/usr.bin.qtox b/security/apparmor/2.12.1/usr.bin.qtox
index 7278082ed..1ae786dd4 100644
--- a/security/apparmor/2.12.1/usr.bin.qtox
+++ b/security/apparmor/2.12.1/usr.bin.qtox
@@ -167,6 +167,14 @@ profile qtox /usr{,/local}/bin/qtox {
 member={NewIcon,NewToolTip}
 peer=(label=unconfined),
+ # Denied files
+
+ # libpcre2 on openSUSE tries to mmap() shared memory on directory.
+ # see: https://lists.ubuntu.com/archives/apparmor/2019-January/011925.html
+ # AppArmor does not allow to distinguish "real" file vs shared memory one,
+ # so we deny this path to protect from loading exploits from /tmp.
+ deny /tmp/#[0-9][0-9][0-9][0-9][0-9] m,
+
 # System files
 /usr/share/hunspell/* r,
diff --git a/security/apparmor/2.13.2/usr.bin.qtox b/security/apparmor/2.13.2/usr.bin.qtox
index f2bc995a0..fed03fbb9 100644
--- a/security/apparmor/2.13.2/usr.bin.qtox
+++ b/security/apparmor/2.13.2/usr.bin.qtox
@@ -174,6 +174,14 @@ profile qtox /usr{,/local}/bin/qtox {
 member={NewIcon,NewToolTip}
 peer=(label=unconfined),
+ # Denied files
+
+ # libpcre2 on openSUSE tries to mmap() shared memory on directory.
+ # see: https://lists.ubuntu.com/archives/apparmor/2019-January/011925.html
+ # AppArmor does not allow to distinguish "real" file vs shared memory one,
+ # so we deny this path to protect from loading exploits from /tmp.
+ deny /tmp/#[0-9][0-9][0-9][0-9][0-9] m,
+
 # System files
 /usr/share/hunspell/* r,
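Review bot: The glob in the added rule `deny /tmp/#[0-9][0-9][0-9][0-9][0-9] m,` matches exactly five digits, so an unnamed temporary file whose number has any other length falls outside it; the number appears to be an inode number, which is not fixed-width. Over-matching a deny on `m` is harmless here, so `deny /tmp/#[0-9]* m,` would cover every length. The comment should also say that a plain `deny` rule is not logged and takes precedence over any allow rule; unless something else grants `m` on this path the mapping is already refused in enforce mode, and `audit deny` would keep attempts to map executable memory from /tmp visible in the logs. The same rule and comment are added to the 2.13.2 profile in the second hunk. The profile body continues outside both hunks, so whether an include grants `m` under /tmp cannot be checked from here.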