CVE-2026-47331

Use-after-free in Ubuntu Linux AppArmor notification handling

CVSS 7.8 HIGHEPSS 0.1%CWE-416

Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Canonical · Ubuntu Linux

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=5e5cd4759b63363373faf1ce15d1cab3606d6ec8