CVE-2026-47336
Analyzed Analyzed - Analysis Complete
Possible use of uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation in Ubuntu Linux 6.8

Publication date: 2026-05-28

Last updated on: 2026-05-29

Assigner: Canonical Ltd.

Description
Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-05-29
Generated
2026-06-18
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-47336
EUVD
EUVD-2026-32991
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
canonical ubuntu_linux 6.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-457 The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Ubuntu Linux 6.8 with SAUCE patches, where there is a possible use of an uninitialized variable in the AppArmor AF_INET/AF_INET6 socket mediation code.

It can be triggered by an unprivileged local user and may cause incorrect fine-grained mediation of network sockets.

Impact Analysis

The vulnerability could allow an unprivileged local user to cause incorrect mediation of network sockets, potentially leading to improper access control or security policy enforcement failures.

However, the CVSS base score is 3.3, indicating a low severity impact with no confidentiality or availability impact, but with a low impact on integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47336. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart