Use of uninitialized value in Ubuntu Linux AppArmor notification handling

3.3 / 10

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Description

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.

Basic Information

ID CVE-2026-47330

Source canonical

Published May 28, 2026 at 18:27

Affected Product

Vendor Canonical

Product Ubuntu Linux

Version 6.8.0

Affected Versions Canonical Ubuntu Linux 6.8.0
Canonical Ubuntu Linux 6.17.0
Canonical Ubuntu Linux 7.0.0

CWE Classification

CWE-457

References

git.launchpad.net /~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/

{
    "lastseen": "",
    "description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.",
    "published": "2026-05-28T18:27:58.545Z",
    "modified": "2026-05-28T18:27:58.545Z",
    "type": "cve",
    "title": "Use of uninitialized value in Ubuntu Linux AppArmor notification handling",
    "source": "canonical",
    "references": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=9b2c6eded493fa50e7c8cd3618d7ebe1358abaab",
    "id": "CVE-2026-47330",
    "bulletinFamily": "",
    "cwe": [
        "CWE-457"
    ],
    "cvelist": null,
    "sourceData": "Canonical Ubuntu Linux 6.8.0\nCanonical Ubuntu Linux 6.17.0\nCanonical Ubuntu Linux 7.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 3.3,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Ubuntu Linux",
    "version": "6.8.0",
    "vendor": "Canonical",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Use of uninitialized value in Ubuntu Linux AppArmor notification handling_CVE-2026-47330