Description
Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets.
Published: 2026-05-28
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is caused by an uninitialized variable in the AppArmor mediation code that processes AF_INET and AF_INET6 sockets in the Ubuntu Linux 6.8 kernel. An unprivileged local user can trigger the defect, leading the mediation engine to misjudge permissions for network sockets. As a result, a user could open sockets that should be denied, or be refused sockets that should be allowed, which undermines the intended network confinement of that user.

Affected Systems

Canonical’s Ubuntu Linux products are impacted when they run kernel version 6.8 with the SAUCE patches that contain the vulnerable code. The issue applies to any system whose running kernel includes that exact revision, typically Ubuntu releases that ship the 6.8 kernel, including later updates to it, until the patch is applied.

Risk and Exploitability

The flaw has a CVSS score of 3.3, indicating low severity, and there is no EPSS score available. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires local, unprivileged access and leads only to incorrect mediation of network sockets. The likelihood of real-world exploitation is considered low, and the impact is limited to a single user's network activity rather than full system compromise.

Generated by OpenCVE AI on May 28, 2026 at 20:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest Ubuntu kernel update that includes the fix for the 6.8 SAUCE patches.
  • Reboot the system to load the updated kernel.
  • Verify the remediation by attempting to open a network socket as a non‑privileged user; the expected behavior is that AppArmor correctly permits or denies the socket according to the profile definitions.


Advisories
Source      ID          Title
Ubuntu USN  USN-8373-1  Linux kernel vulnerabilities
Ubuntu USN  USN-8440-1  Linux kernel (Azure) vulnerabilities

History

Fri, 29 May 2026 21:30:00 +0000

Values added (none removed):

  • CPEs: cpe:2.3:o:canonical:ubuntu_linux:6.8:*:*:*:*:*:*:*

Thu, 28 May 2026 21:15:00 +0000

Values added (none removed):

  • First Time appeared: Canonical; Canonical ubuntu Linux
  • Vendors & Products: Canonical; Canonical ubuntu Linux

Thu, 28 May 2026 20:30:00 +0000

Values added (none removed):

  • Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 28 May 2026 19:00:00 +0000

Values added (none removed):

  • Description: Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets.
  • Title: Use of uninitialized value in Ubuntu Linux AppArmor IPv4/IPv6 socket mediation rules
  • Weaknesses: CWE-457
  • References
  • Metrics: cvssV3_1 {'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}


MITRE

Status: PUBLISHED
Assigner: canonical
Published:
Updated: 2026-05-28T19:23:22.236Z
Reserved: 2026-05-19T10:37:36.434Z
Link: CVE-2026-47336

Vulnrichment

Updated: 2026-05-28T19:23:17.202Z

NVD

Status: Analyzed
Published: 2026-05-28T19:16:42.443
Modified: 2026-05-29T21:23:58.113
Link: CVE-2026-47336

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T21:00:17Z

Weaknesses
  • CWE-457: Use of Uninitialized Variable