CVE-2026-47333

Public on 2026-05-28

Modified on 2026-06-13

Description

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.

Severity

Medium

See what this means

CVSS v3 Base Score

4.4

See breakdown

Affected Packages

Platform	Package	Status
Amazon Linux 2 - Core	kernel	Not Affected
Amazon Linux 2 - Kernel-5.10 Extra	kernel	Not Affected
Amazon Linux 2 - Kernel-5.15 Extra	kernel	Not Affected
Amazon Linux 2 - Kernel-5.4 Extra	kernel	Not Affected
Amazon Linux 2023	kernel	Not Affected
Amazon Linux 2023	kernel6.12	Not Affected
Amazon Linux 2023	kernel6.18	Not Affected

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	4.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2026-47333 Mitre: CVE-2026-47333