What is the CVSS score of EUVD-2026-32986?

EUVD-2026-32986 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Which versions of Ubuntu Linux Kernel are affected by EUVD-2026-32986?

Ubuntu Linux kernel 6.8 contains a high-severity local privilege escalation vulnerability that permits unprivileged system users to execute arbitrary code in kernel context.. A patch is available.

How to fix or mitigate EUVD-2026-32986?

24 hours: Inventory all Ubuntu systems running kernel 6.8 and identify exposure scope. 7 days: Apply vendor-released kernel security patch to non-production systems and validate stability. 30 days: Complete kernel updates across production environment per change management protocols, prioritizing systems with broad user access.

Ubuntu Linux Kernel EUVD-2026-32986

| CVE-2026-47331 HIGH

Use After Free (CWE-416)

2026-05-28 canonical

RCE Use After Free Memory Corruption Ubuntu

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 28, 2026 - 19:21 vuln.today

CVE Published

May 28, 2026 - 18:28 nvd

HIGH 7.8

DescriptionNVD

Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.

AnalysisAI

Local privilege escalation in Ubuntu Linux 6.8 kernel stems from an AppArmor SAUCE patch that omits proper locking when modifying a linked list, enabling a race condition that can be exploited by an unprivileged local user. Successful exploitation leads to a use-after-free condition with theoretical arbitrary code execution in kernel context. …

RemediationAI

24 hours: Inventory all Ubuntu systems running kernel 6.8 and identify exposure scope. 7 days: Apply vendor-released kernel security patch to non-production systems and validate stability. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-32986 vulnerability details – vuln.today

Back

Ubuntu Linux Kernel EUVD-2026-32986

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code