Skip to main content

Ubuntu Linux CVE-2026-47334

| EUVDEUVD-2026-32989 MEDIUM
Deadlock (CWE-833)
2026-05-28 canonical GHSA-h65w-p466-mpmx
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
May 28, 2026 - 19:25 vuln.today
CVE Published
May 28, 2026 - 18:28 nvd
MEDIUM 5.5

DescriptionCVE.org

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.

AnalysisAI

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect in Ubuntu-specific AppArmor SAUCE patches, where notification handling code incorrectly sleeps while holding a spinlock. Violating this kernel locking invariant results in kernel panic or deadlock, causing a full system crash or hang. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, but the low-complexity, low-privilege trigger conditions make it a realistic denial-of-service risk on any multi-user Ubuntu system running the affected kernel versions.

Technical ContextAI

Ubuntu ships 'SAUCE' (Snappy Ubuntu Core Enablement) patches on top of the mainline Linux kernel to add or extend features such as AppArmor notification handling. Spinlocks are a fundamental kernel synchronization primitive designed for extremely short, atomic critical sections; the kernel forbids sleeping (blocking) while a spinlock is held because no other thread can acquire the CPU to release the lock, potentially causing the entire system to stall or deadlock. The defect maps to CWE-833 (Deadlock): the AppArmor notification code path acquires a spinlock and then enters a code flow that can sleep - a hard violation of kernel locking discipline. The CPE cpe:2.3:a:canonical:ubuntu_linux:*:*:*:*:*:*:*:* scopes this to Canonical's Ubuntu Linux packaging specifically, not upstream mainline Linux, confirming this is an Ubuntu-specific regression introduced by the SAUCE patchset.

RemediationAI

Canonical has released an upstream fix via the patch commit at https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=f0e73aec23d13a9877fba096b1c2fd19f66e5313. Ubuntu users should apply the latest kernel security updates from Canonical via 'apt-get update && apt-get dist-upgrade' and reboot, as kernel patches require a full system restart to take effect. An exact patched kernel package version number was not independently confirmed in the available data - monitor Ubuntu Security Notices (USN) for the corresponding advisory citing this CVE to confirm the minimum safe kernel version for your specific Ubuntu release. As a temporary compensating control on systems where downtime is not acceptable, restricting local user accounts (removing shell access for non-essential accounts, enforcing least privilege) reduces the pool of users who can trigger the vulnerability, but does not eliminate it. Disabling AppArmor entirely (apparmor=0 kernel boot parameter) would likely prevent the vulnerable code path from executing but removes all AppArmor MAC protections - this is a significant security trade-off and should only be considered in exceptional circumstances with compensating network and process controls in place.

Share

CVE-2026-47334 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy