Home

Description

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.

PUBLISHED Reserved 2026-05-19 | Published 2026-05-28 | Updated 2026-05-29 | Assigner canonical




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-125 Out-of-bounds read

Product status

Default status
unaffected

6.8.0 (dpkg) before 6.8.0-124.124
affected

6.17.0 (dpkg) before 6.17.0-35.35
affected

7.0.0 (dpkg) before 7.0.0-22.22
affected

Credits

Tristan Madani (@TristanInSec), Talence Security finder

References

git.launchpad.net/...35fa30ed9e944bdb7e811fb8a8906286b4b4f06 patch

cve.org (CVE-2026-47333)

nvd.nist.gov (CVE-2026-47333)

Download JSON