CVE-2026-47337

Summary

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.

Affected Software

VendorProductVersion RangeStatus
CanonicalUbuntu Linux6.8.0 < 6.8.0-124.124affected
CanonicalUbuntu Linux6.17.0 < 6.17.0-35.35affected
CanonicalUbuntu Linux7.0.0 < 7.0.0-22.22affected

Weaknesses

  • CWE-476: CWE-476 NULL pointer dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References