Description
Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic.
Published: 2026-05-28
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A NULL pointer dereference in the AppArmor notification handling code of the Ubuntu Linux 6.8 kernel can trigger a kernel panic. The flaw stems from the kernel's SAUCE patch process, which does not defensively handle a null pointer when processing AppArmor events. An attacker who can run code as an unprivileged local user can exploit this weakness, leading to a complete loss of system availability for that host. The flaw is a classic null‑pointer dereference (CWE‑476).

Affected Systems

Canonical Ubuntu Linux 6.8 kernel releases that include the SAUCE patches are affected. Any system running this kernel version and its variants is vulnerable.

Risk and Exploitability

The CVSS score of 5.5 signals a medium‑impact denial‑of‑service vulnerability with local scope. Because the exploitation requires only local privileges, an unprivileged user can trigger it directly, making it relatively accessible. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, indicating that it has not yet been reported as actively exploited in the wild. Nonetheless, local exploitation can cause a critical outage with no immediate detection unless a crash log is monitored.

Generated by OpenCVE AI on May 28, 2026 at 20:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Ubuntu kernel update that contains the SAUCE patch fixing the null‑pointer dereference in AppArmor notification handling.
  • Reboot the system so that the updated kernel replaces the current in‑memory kernel.
  • Continuously monitor system logs for any kernel panic events indicating a potential exploitation attempt.

Generated by OpenCVE AI on May 28, 2026 at 20:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 28 May 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Vendors & Products Canonical
Canonical ubuntu Linux

Thu, 28 May 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Type Values Removed Values Added
Description Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic.
Title NULL pointer dereference in Ubuntu Linux AppArmor notification handling
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Canonical Ubuntu Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-05-28T19:23:36.632Z

Reserved: 2026-05-19T10:37:36.434Z

Link: CVE-2026-47335

cve-icon Vulnrichment

Updated: 2026-05-28T19:23:31.103Z

cve-icon NVD

Status : Received

Published: 2026-05-28T19:16:42.327

Modified: 2026-05-28T19:16:42.327

Link: CVE-2026-47335

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T20:30:25Z

Weaknesses