CVE-2026-47333
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
Ubuntu Linux 6.8, 6.17, and 7.0 contain AppArmor SAUCE patches that may incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code.
Risk Assessment
An unprivileged local user can trigger this bug, resulting in invalid data being processed by the AppArmor DFA policy engine. This may lead to unauthorized data access or system instability.
Recommendation
It is recommended to update the system to the latest version to mitigate this vulnerability and to monitor logs for potential exploitation attempts.
Original NVD description (English source)
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.

