Description
Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.
Published: 2026-05-28
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is caused by an uninitialized variable in the AppArmor notification handling code of the Ubuntu Linux kernel. An unprivileged local user can trigger the bug, which leads to incorrect caching of AppArmor notification responses. Because the affected data are stored in cache, the flaw may allow a local attacker to influence policy enforcement in ways that were not intended by the system designers. The weakness is classified as CWE‑457, an uninitialized variable error.

Affected Systems

The issue affects Ubuntu Linux kernel releases 6.8, 7.17 and 7.0 built by Canonical that contain the AppArmor SAUCE patches. The flaw is present until the kernel code is updated to include the patch identified by the reference commit.

Risk and Exploitability

The CVSS score of 3.3 indicates a low overall severity, and the EPSS score is not available. The vulnerability is exploitable locally by an unprivileged user, who can trigger the bug through normal use of the system. No publicly disclosed exploits are known and the vulnerability is not listed in the CISA KEV catalog, which reduces the immediate threat. Nevertheless, because the flaw can undermine AppArmor policy enforcement, it should be treated as low‑to‑moderate risk until patched.

Generated by OpenCVE AI on May 28, 2026 at 21:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Ubuntu kernel to a version that includes the SAUCE patch for AppArmor notification handling (e.g., a newer 6.8 or 7.x release from Canonical).
  • If a patched kernel is not available, disable the SAUCE feature by adjusting kernel boot parameters or unloading the relevant module to prevent uninitialized variable usage.
  • Enforce stricter permission controls on AppArmor policy files and limit local users from loading or manipulating policies to reduce the risk of cache corruption.

Generated by OpenCVE AI on May 28, 2026 at 21:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-8370-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8371-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8373-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8374-1 Linux kernel vulnerabilities
History

Tue, 09 Jun 2026 14:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:25.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:26.04:*:*:*:*:*:*:*

Thu, 28 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Vendors & Products Canonical
Canonical ubuntu Linux

Thu, 28 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.
Title Use of uninitialized value in Ubuntu Linux AppArmor notification handling
Weaknesses CWE-457
References
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Subscriptions

Canonical Ubuntu Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T19:24:45.707Z

Reserved: 2026-05-19T10:37:36.433Z

Link: CVE-2026-47330

cve-icon Vulnrichment

Updated: 2026-05-28T19:24:41.197Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-28T19:16:41.530

Modified: 2026-06-09T14:38:43.890

Link: CVE-2026-47330

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T21:45:27Z

Weaknesses
  • CWE-457

    Use of Uninitialized Variable