Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.
AnalysisAI
Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) improperly validate the size of the name field in AppArmor notification responses, allowing a local low-privileged user to trigger handling of crafted responses with potential limited integrity impact. The vulnerability carries a CVSS score of 3.3 (Low) with a local attack vector, restricted to integrity effects only and no confidentiality or availability consequences. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV.
Technical ContextAI
SAUCE (Software Applied by Ubuntu Community Engineers) patches are Ubuntu-specific kernel modifications that have not yet been merged into the mainline Linux kernel. AppArmor is a Linux Security Module (LSM) implementing mandatory access control via security profiles; it communicates with userspace through notification responses. The root cause maps to CWE-1284 (Improper Validation of Specified Quantity in Input), meaning the SAUCE patch code path that processes incoming AppArmor notification responses does not enforce bounds checking on the name field's declared size before using it. This class of bug can allow a caller to supply a size value that does not reflect the actual buffer, enabling crafted input to be processed incorrectly. Affected CPE is cpe:2.3:a:canonical:ubuntu_linux:*:*:*:*:*:*:*:* across kernel versions 6.8, 6.17, and 7.0 as shipped by Canonical.
RemediationAI
A patch is available from Canonical. The fix is tracked in the Ubuntu kernel noble branch at Launchpad commit 9ea8b64b3ad27d0501cf711efa98077998a33b14 (https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=9ea8b64b3ad27d0501cf711efa98077998a33b14). Administrators should apply the updated kernel package from Canonical's official repositories once an Ubuntu Security Notice (USN) is published for the affected kernel versions. An exact patched package version was not independently confirmed from the available reference data - monitor Ubuntu Security Notices at ubuntu.com/security/notices for the definitive fix version. As a compensating control on systems where patching is delayed, restricting local user accounts and auditing AppArmor notification consumers can reduce exposure; however, given the low severity and local-only attack vector, the operational trade-off of disabling AppArmor notification features entirely is likely disproportionate.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32984
GHSA-m2m8-rqw7-jmqv