Canonical Ubuntu Linux
13 CVEs affecting Canonical Ubuntu Linux. Latest disclosed: 2026-05-28. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-47333 | High | 7.8 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memor… |
CVE-2026-47331 | High | 7.8 | 2026-05-28 | Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race c… |
CVE-2026-47328 | Medium | 6.1 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the sam… |
CVE-2026-47335 | Medium | 5.5 | 2026-05-28 | Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unpr… |
CVE-2026-47334 | Medium | 5.5 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be tr… |
CVE-2026-47332 | Medium | 5.5 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in… |
CVE-2026-47326 | Medium | 5.5 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by… |
CVE-2026-47337 | Low | 3.3 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can… |
CVE-2026-47336 | Low | 3.3 | 2026-05-28 | Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be tri… |
CVE-2026-47330 | Low | 3.3 | 2026-05-28 | Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling co… |
CVE-2026-47329 | Low | 3.3 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be t… |
CVE-2026-47327 | Low | 3.3 | 2026-05-28 | Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be trigger… |
CVE-2025-13350 | | 2026-03-05 | Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When… |