Description
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.
Published: 2026-05-28
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Ubuntu Linux kernels 6.8, 6.17 and 7.0 contain a memory‑leak in the handling of large AppArmor notification responses, a flaw that can be triggered by an unprivileged local user and may lead to resource exhaustion, potentially causing a denial of service.

Affected Systems

Canonical's Ubuntu Linux, specifically kernel releases 6.8, 6.17 and 7.0, are affected by this memory‑leak bug.

Risk and Exploitability

The CVSS score of 5.5 denotes moderate severity. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw requires local, unprivileged access it can be exploited by any user with a local account; repeated exploitation could consume system memory until a reboot or patch is applied, leading to degraded performance or service interruption.

Generated by OpenCVE AI on May 28, 2026 at 20:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Ubuntu kernel that includes the SAUCE patch to fix the AppArmor memory‑leak.
  • Reboot the system so the patched kernel is active.
  • If an immediate kernel upgrade is not possible, temporarily disable or reduce AppArmor notification handling until the patch arrives.

Generated by OpenCVE AI on May 28, 2026 at 20:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 28 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.
Title Memory leak in Ubuntu Linux AppArmor large notification response allocation
Weaknesses CWE-401
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T19:25:40.402Z

Reserved: 2026-05-19T10:37:36.433Z

Link: CVE-2026-47326

cve-icon Vulnrichment

Updated: 2026-05-28T19:25:35.859Z

cve-icon NVD

Status : Received

Published: 2026-05-28T19:16:40.110

Modified: 2026-05-28T19:16:40.110

Link: CVE-2026-47326

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T20:30:25Z

Weaknesses