CVE-2026-47331

HIGH 7.8

Use-after-free in Ubuntu Linux AppArmor notification handling

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.

CWE	CWE-416
Vendor	canonical
Product	ubuntu linux
Ecosystems	Linux
Industries	Technology
Published	May 28, 2026
Last Updated	May 29, 2026

Stay Ahead of the Next One

Get instant alerts for canonical ubuntu linux

Be the first to know when new high vulnerabilities affecting canonical ubuntu linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Canonical / Ubuntu Linux

6.8.0 < 6.8.0-124.124

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.launchpad.net: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=5e5cd4759b63363373faf1ce15d1cab3606d6ec8

Credits

Tristan Madani (@TristanInSec), Talence Security