CVE-2026-47328

Published: Mag 28, 2026 Last Modified: Mag 28, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,1

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: high

Description

AI Translation Available

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.

590

Free of Memory not on the Heap

Incomplete

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Modify Memory

Applicable Platforms

Languages: Memory-Unsafe, C

View CWE Details

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/lin…

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit…

CVE-2026-47328

Description

Free of Memory not on the Heap

Common Consequences

Applicable Platforms

Iscriviti alla newsletter