PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-47337 Canonical CVE debrief

A NULL pointer dereference vulnerability exists in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 within SAUCE patches handling AF_INET/AF_INET6 socket mediation. An unprivileged local user can trigger this flaw, resulting in a kernel oops (denial of service). The vulnerability is classified as LOW severity with a CVSS 3.1 score of 3.3. The issue was published on 2026-05-28 and is tracked as CWE-476. No known exploitation in the wild or ransomware campaign use has been reported.

Vendor: Canonical
Product: Ubuntu Linux
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-29
Advisory published: 2026-05-28
Advisory updated: 2026-05-29

Who should care

System administrators managing Ubuntu Linux deployments with kernel versions 6.8, 6.17, or 7.0; security teams tracking local privilege escalation and denial-of-service vectors in Linux kernels; organizations with multi-user Ubuntu systems where unprivileged local access is available.

Technical summary

The vulnerability stems from SAUCE (Ubuntu-specific) patches in the Linux kernel that mishandle socket mediation for IPv4 (AF_INET) and IPv6 (AF_INET6) sockets. A NULL pointer dereference can occur during this mediation process. The attack vector is local, requiring low privileges and no user interaction. Successful exploitation causes a kernel oops, resulting in availability impact only. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Defensive priority

routine

Recommended defensive actions

  • Apply kernel updates from Ubuntu when available, prioritizing systems running affected versions 6.8, 6.17, or 7.0
  • Monitor Ubuntu Security Notices for patch availability
  • Review local user access controls to reduce attack surface from unprivileged accounts
  • Consider enabling kernel crash dumping to capture diagnostic information if an oops occurs

Evidence notes

The vulnerability description and affected versions are derived from the official CVE record and NVD entry. The commit reference from Launchpad provides technical context for the SAUCE patch issue. Vendor attribution is marked as low confidence pending review, with Launchpad identified as the reference domain candidate.
