CVE-2026-47336
Possible use of uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation in Ubuntu Linux 6.8
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: Canonical Ltd.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ubuntu | linux | 6.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-457 | The code uses a variable that has not been initialized, leading to unpredictable or unintended results. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Ubuntu Linux 6.8 with SAUCE patches, where there is a possible use of an uninitialized variable in the AppArmor AF_INET/AF_INET6 socket mediation code.
It can be triggered by an unprivileged local user and may cause incorrect fine-grained mediation of network sockets.
How can this vulnerability impact me? :
The vulnerability could allow an unprivileged local user to cause incorrect mediation of network sockets, potentially leading to improper access control or security policy enforcement failures.
However, the CVSS base score is 3.3, indicating a low severity impact with no confidentiality or availability impact, but with a low impact on integrity.