PatchSiren

CVE-2026-47332 Canonical CVE debrief

A medium-severity local information disclosure vulnerability exists in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0. The issue stems from AppArmor SAUCE patches that fail to properly validate the size of an internal structure during notification handling, resulting in an out-of-bounds read. An unprivileged local attacker can trigger this flaw to leak information from adjacent slab objects. The vulnerability was published on May 28, 2026, and is not currently listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Canonical
Product: Ubuntu Linux
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-29
Advisory published: 2026-05-28
Advisory updated: 2026-05-29

Who should care

System administrators managing Ubuntu Linux deployments with kernel versions 6.8, 6.17, or 7.0; security teams responsible for Linux endpoint protection; organizations with multi-user Ubuntu systems where unprivileged local access is permitted.

Technical summary

The vulnerability exists in AppArmor SAUCE (Ubuntu-specific) patches within the Linux kernel's notification handling code. An incorrect size validation of an internal structure allows an out-of-bounds read when notifications are processed. Unprivileged local users can exploit this memory safety defect to read the contents of adjacent slab objects, resulting in information disclosure. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) reflects a local attack vector with low complexity and high confidentiality impact.

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates from Ubuntu security repositories when available
  • Monitor Ubuntu Security Notices for patch availability
  • Restrict local user access where possible until patching is complete
  • Review systems running Ubuntu Linux kernel versions 6.8, 6.17, or 7.0 for exposure
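
One way to carry out the exposure review in the last action above, as an added example that is not part of the original debrief: a POSIX shell filter that flags hosts whose kernel series is one of the three the debrief names. The inventory format, host names and release strings are constructed for illustration; the debrief gives no fixed build number, so a match means the host should be checked against Ubuntu Security Notices, not that it is confirmed vulnerable.

```shell
#!/bin/sh
# Kernel series named as affected in the debrief above.
AFFECTED_SERIES="6.8 6.17 7.0"

# kernel_series RELEASE: print "major.minor" (6.17.0-8-generic -> 6.17),
# or nothing if RELEASE does not start with two dotted numbers.
kernel_series() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# needs_review RELEASE: 0 = affected series, 1 = other series, 2 = unparseable.
# Exact comparison on major.minor, so 6.1 and 6.80 are not mistaken for 6.17 or 6.8.
needs_review() {
    series=$(kernel_series "$1")
    [ -n "$series" ] || return 2
    for s in $AFFECTED_SERIES; do
        [ "$series" = "$s" ] && return 0
    done
    return 1
}

# review_inventory: read "host kernel-release" lines on stdin (hypothetical
# inventory format) and print the hosts that need review.
review_inventory() {
    while read -r host release; do
        case "$host" in ''|'#'*) continue ;; esac
        if needs_review "$release"; then
            printf '%s %s REVIEW\n' "$host" "$release"
        fi
    done
}

# Constructed sample inventory; on a live host use: needs_review "$(uname -r)"
sample_inventory() {
    cat <<'EOF'
# host kernel-release
web01 6.8.0-45-generic
db01 6.17.0-8-generic
oem01 6.1.0-1036-oem
old01 5.15.0-119-generic
lab01 7.0.0-3-generic
EOF
}

sample_inventory | review_inventory
```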

Evidence notes

The vulnerability description and CVSS scoring are derived from the official NVD record. Technical details regarding affected kernel versions and AppArmor SAUCE patches are sourced from the CVE description. A patch commit reference is available via the Launchpad Git repository.

Official resources

2026-05-28