Description
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.
Published: 2026-05-28
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Ubuntu Linux kernels 6.8, 6.17 and 7.0 contain a memory‑leak in the handling of large AppArmor notification responses, a flaw that can be triggered by an unprivileged local user and may lead to resource exhaustion, potentially causing a denial of service.

Affected Systems

Canonical's Ubuntu Linux, specifically kernel releases 6.8, 6.17 and 7.0, are affected by this memory‑leak bug.

Risk and Exploitability

The CVSS score of 5.5 denotes moderate severity. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw requires local, unprivileged access it can be exploited by any user with a local account; repeated exploitation could consume system memory until a reboot or patch is applied, leading to degraded performance or service interruption.

Generated by OpenCVE AI on May 28, 2026 at 20:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Ubuntu kernel that includes the SAUCE patch to fix the AppArmor memory‑leak.
  • Reboot the system so the patched kernel is active.
  • If an immediate kernel upgrade is not possible, temporarily disable or reduce AppArmor notification handling until the patch arrives.

Generated by OpenCVE AI on May 28, 2026 at 20:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-8370-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8371-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8373-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8374-1 Linux kernel vulnerabilities
History

Tue, 09 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:25.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:26.04:*:*:*:*:*:*:*

Thu, 28 May 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Vendors & Products Canonical
Canonical ubuntu Linux

Thu, 28 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.
Title Memory leak in Ubuntu Linux AppArmor large notification response allocation
Weaknesses CWE-401
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Canonical Ubuntu Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T19:25:40.402Z

Reserved: 2026-05-19T10:37:36.433Z

Link: CVE-2026-47326

cve-icon Vulnrichment

Updated: 2026-05-28T19:25:35.859Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T19:16:40.110

Modified: 2026-06-09T14:23:39.600

Link: CVE-2026-47326

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T22:00:13Z

Weaknesses
  • CWE-401

    Missing Release of Memory after Effective Lifetime