CVE Catalog

CVE-2026-47333

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

3th percentile - higher than 3% of all known CVEs

Summary

Ubuntu Linux 6.8, 6.17, and 7.0 contain AppArmor SAUCE patches that may incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code.

Risk Assessment

An unprivileged local user can trigger this bug, resulting in invalid data being processed by the AppArmor DFA policy engine. This may lead to unauthorized data access or system instability.

Recommendation

It is recommended to update the system to the latest version to mitigate this vulnerability and to monitor logs for potential exploitation attempts.

Original NVD description (English source)

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS