CVEFinder.io

CVE-2026-47328

đŸ”ļ medium
🔍 Scan for this CVE
Summary

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.

CVSS Score
6.1
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2026-05-28
First Seen: 2026-05-29
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 38.8% of all 329,456 vulnerabilities in our database.

#201,538
Below average severity
Severity Percentile
đŸŽ¯ CISA SSVC Assessment Updated: May 28, 2026
🔍 Exploitation Status
None
No known exploits
⚙ī¸ Automatable
NO
Requires human interaction
đŸ’Ĩ Technical Impact
Partial
Limited system impact
🏆 Discovered By
Tristan Madani (@TristanInSec), Talence Security
SSVC data provided by CISA
Last Modified 2026-06-09
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CWE IDs (Weakness Types)
CWE-590

đŸ“Ļ Affected Products 3

Vendor Product Status Affected Versions
canonical ubuntu_linux Affected
v24.04
canonical ubuntu_linux Affected
v25.10
canonical ubuntu_linux Affected
v26.04

🔗 References 1

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+sou...
Patch

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-47326 đŸ”ļ medium 5.5 0.1 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor not... 2026-05-28
CVE-2026-47327 ℹī¸ low 3.3 0.1 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmo... 2026-05-28
CVE-2026-47329 ℹī¸ low 3.3 0.1 Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor n... 2026-05-28
CVE-2026-47330 ℹī¸ low 3.3 0.1 Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitializ... 2026-05-28
CVE-2026-47331 ⚠ī¸ high 7.8 0.1 Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivile... 2026-05-28
CVE-2026-47332 đŸ”ļ medium 5.5 0.1 Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structu... 2026-05-28
These CVEs affect the same products