Description
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.
Published: 2026-05-28
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Ubuntu Linux kernel versions 6.8, 6.17 and 7.0 contain SAUCE patches that may expose a NULL pointer dereference when handling AppArmor notifications. The flaw can be triggered by an unprivileged local user and results in a kernel oops, a form of denial of service that brings down the affected system. The weakness is identified as uncontrolled memory access (CWE‑476).

Affected Systems

The vulnerability affects Canonical Ubuntu Linux kernel versions 6.8, 6.17 and 7.0. All installations of these kernels on Ubuntu systems are potentially impacted.

Risk and Exploitability

The CVSS score of 3.3 indicates low severity. No EPSS score is available, and the vulnerability is not listed in CISA’s KEV catalog, suggesting it is not currently exploited in the wild. The attack vector is local, requiring the attacker to be a non‑privileged user on the affected system. Exploitation requires no special conditions beyond local access, and would cause a kernel oops, terminating the affected process or rebooting the system.

Generated by OpenCVE AI on May 28, 2026 at 20:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install any available kernel updates from Canonical that address the AppArmor notification handling issue
  • If an update is pending, schedule a reboot to apply the kernel update
  • Consider limiting the privileges of local users who may trigger AppArmor notifications until a patch is applied

Generated by OpenCVE AI on May 28, 2026 at 20:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-8370-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8371-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8373-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8374-1 Linux kernel vulnerabilities
History

Tue, 09 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:25.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:26.04:*:*:*:*:*:*:*

Thu, 28 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Vendors & Products Canonical
Canonical ubuntu Linux

Thu, 28 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.
Title NULL pointer dereference in Ubuntu Linux AppArmor notification handling
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}

Subscriptions

Canonical Ubuntu Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T19:25:26.930Z

Reserved: 2026-05-19T10:37:36.433Z

Link: CVE-2026-47327

cve-icon Vulnrichment

Updated: 2026-05-28T19:25:21.988Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T19:16:40.420

Modified: 2026-06-09T14:27:03.757

Link: CVE-2026-47327

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T21:30:26Z

Weaknesses