CVE-2026-47337

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
28/05/2026
Last modified:
29/05/2026

Description

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:canonical:ubuntu_linux:6.8:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.17:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.0:*:*:*:*:*:*:*