By vendor

Canonical vulnerabilities

Known CVEs affecting Canonical products, prioritized by severity, with SEC.co remediation and detection guidance.

12 published vulnerabilities

  • CVE-2026-47331HIGH 7.8

    Ubuntu Linux kernel version 6.8 contains a critical flaw in the AppArmor security module where protective locks are not properly acquired during linked list modifications. This oversight allows an unprivileged local user to create a race condition that results in a use-after-free memory error. While arbitrary code execution is theoretical at this stage, the vulnerability poses a serious risk to system integrity and confidentiality. An attacker with local system access could potentially escalate privileges or compromise sensitive data.

  • CVE-2026-47333HIGH 7.8

    A memory safety flaw in Ubuntu Linux kernels 6.8, 6.17, and 7.0 allows unprivileged local users to read sensitive data from kernel memory. The vulnerability stems from incorrect buffer size calculation in AppArmor SAUCE patches, enabling out-of-bounds memory reads in the notification handling subsystem. An attacker can trigger this bug without administrative privileges and cause the AppArmor security policy engine to process invalid data, potentially exposing sensitive information or causing unexpected system behavior.

  • CVE-2026-47328MEDIUM 6.1

    Ubuntu Linux kernels 6.8, 6.17, and 7.0 contain a memory management bug in AppArmor SAUCE patches that allows unprivileged local users to corrupt kernel memory and exhaust system resources. The vulnerability stems from incorrect pointer deallocation—the code attempts to free memory that was never properly allocated, while simultaneously leaking other allocated memory. This combination can destabilize the kernel's memory management structures.

  • CVE-2026-47326MEDIUM 5.5

    Ubuntu Linux versions 6.8, 6.17, and 7.0 contain a memory leak flaw in how the kernel handles large responses from AppArmor (the mandatory access control framework). An unprivileged local user can trigger this leak repeatedly, causing the system to exhaust available memory and potentially become unstable or unresponsive. The vulnerability requires local access and does not compromise data confidentiality or integrity, but can degrade or deny service to legitimate users.

  • CVE-2026-47332MEDIUM 5.5

    Ubuntu Linux versions 6.8, 6.17, and 7.0 contain a flaw in their AppArmor security module patches that allows unprivileged local users to read sensitive data from kernel memory. The vulnerability stems from incorrect validation of an internal data structure size during notification processing. An attacker with local user privileges can exploit this to leak information from adjacent memory regions (kernel slab objects), potentially exposing cryptographic keys, session tokens, or other sensitive kernel data.

  • CVE-2026-47334MEDIUM 5.5

    Ubuntu Linux kernels 6.8, 6.17, and 7.0 contain a bug in AppArmor notification handling code that can be triggered by any unprivileged local user to crash the kernel or cause it to hang. The issue stems from code that incorrectly sleeps while holding a spinlock—a low-level synchronization primitive—creating a condition where the system becomes unresponsive or fails entirely. An attacker with basic local access can reliably exploit this without special privileges or user interaction.

  • CVE-2026-47335MEDIUM 5.5

    Ubuntu Linux kernel version 6.8 contains a defect in how it handles AppArmor security notifications. An unprivileged local user can trigger a NULL pointer dereference—a programming error where the kernel tries to access memory that doesn't exist—causing the entire system to crash. This is a local denial-of-service vulnerability; it does not allow data theft or privilege escalation, but it can disrupt service availability.

  • CVE-2026-47327LOW 3.3

    CVE-2026-47327 is a denial-of-service vulnerability in Ubuntu Linux affecting versions 6.8, 6.17, and 7.0. A NULL pointer dereference in the AppArmor notification handling code allows any unprivileged local user to crash the kernel without authentication or special permissions. The attack requires only local system access and can be triggered with a single action, causing a kernel oops that disrupts availability but does not compromise confidentiality or integrity.

  • CVE-2026-47329LOW 3.3

    Ubuntu Linux versions 6.8, 6.17, and 7.0 contain a flaw in SAUCE patches that handle AppArmor security notifications. The vulnerability stems from improper validation of the name field size in these notifications. An unprivileged local user can exploit this by sending crafted AppArmor responses that bypass validation checks, potentially leading to unexpected behavior in the kernel's handling of these security-related messages. This is a local-only issue with low severity impact.

  • CVE-2026-47330LOW 3.3

    CVE-2026-47330 is a local privilege escalation and cache poisoning vulnerability affecting Ubuntu Linux systems with AppArmor SAUCE patches. An unprivileged user can trigger uninitialized variable handling in AppArmor's notification code, causing incorrect caching of security policy responses. While the CVSS score is low (3.3), the issue undermines AppArmor's integrity by allowing cache corruption that could affect subsequent policy enforcement decisions.

  • CVE-2026-47336LOW 3.3

    Ubuntu Linux 6.8 has a bug in its AppArmor security module that could allow an unprivileged local user to bypass or weaken network socket access controls. The issue stems from an uninitialized variable in the code that mediates AF_INET and AF_INET6 (IPv4 and IPv6) socket access. While the vulnerability requires local access and does not enable data theft or system crashes, it undermines the purpose of AppArmor's fine-grained network policy enforcement, potentially allowing a local user to perform network operations that should have been restricted.

  • CVE-2026-47337LOW 3.3

    A NULL pointer dereference flaw in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user to crash the kernel. The vulnerability exists in socket mediation code that handles both IPv4 and IPv6 traffic. While the flaw itself does not enable data theft or system compromise, it can be exploited to cause a denial of service by forcing a kernel panic, disrupting availability for all users on the affected system.