CVE-2026-3888 Allows Local Users to Gain Root Via Snapd
-
Qualys ☛ CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root
The Qualys Threat Research Unit has identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24.04 and later. This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles.
-
LWN ☛ Local-privilege escalation in snapd
Qualys has discovered a local-privilege escalation (LPE) vulnerability affecting Ubuntu Desktop 24.04 and later: [...]
-
Hacker News ☛ Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level.
Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system.
-
InfoSecurity Magazine ☛ New Ubuntu Flaw Enables Local Attackers to Gain Root Access
A newly identified local privilege escalation (LPE) vulnerability has been discovered affecting default installations of Ubuntu Desktop 24.04 and later, allowing attackers to gain full root access.
The flaw, tracked as CVE-2026-3888, stems from the interaction between two core system components and was uncovered by the Qualys Threat Research Unit.
The issue arises from how snap-confine and systemd-tmpfiles operate together under certain conditions. While exploitation requires patience due to a built-in delay, the potential outcome is a complete system compromise.
-
Security Affairs ☛ CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit
Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity.
Qualys researchers found a high-severity flaw, tracked as CVE-2026-3888 (CVSS score of 7.8), in Ubuntu Desktop 24.04+, which allows attackers to exploit a systemd cleanup timing issue to escalate privileges to root and potentially take full control of vulnerable systems.
The bug relies on a cleanup window of 10–30 days, but can ultimately lead to full system compromise. It stems from how snap-confine manages privileged execution and how systemd-tmpfiles removes old temporary files.
-
IT Pro ☛ Ubuntu vulnerability exposes enterprises to root escalation, complete system compromise
Just a week after revealing critical vulnerabilities in Linux’s AppArmor security layer, Qualys researchers are warning of a flaw affecting Ubuntu that can also allow an unprivileged user to gain full root access.
The high-severity Local Privilege Escalation vulnerability, tracked as CVE-2026-3888, affects default installations of Ubuntu Desktop 24.04 and later.
-
Ubuntu Security Flaw Lets Hackers Gain Root Control
Security researchers at Qualys have uncovered a high severity vulnerability in Ubuntu Desktop that allows local attackers to escalate privileges to root. The flaw is tied to how two core system components interact under specific timing conditions, creating a path for full system compromise.
-
Qualys discloses Ubuntu Desktop local privilege escalation vulnerability CVE-2026-3888
Security researchers at Qualys Threat Research Unit (TRU) have disclosed a local privilege escalation vulnerability affecting default installations of Ubuntu Desktop 24.04 and later.
-
Qualys Threat Research Unit Discovers Critical Vulnerability in Ubuntu Operating System - CXO Digitalpulse
March, 2026: The Qualys Threat Research Unit (TRU) today announced the discovery of a critical vulnerability, CVE-2026-3888, impacting Ubuntu
-
Ubuntu snap flaw lets local users hijack root access
Qualys has disclosed a local privilege escalation flaw in default installations of Ubuntu Desktop 24.04 and later that, under specific timing conditions, can allow an unprivileged user to gain full root access.
Tracked as CVE-2026-3888, the vulnerability stems from an interaction between snap-confine and systemd-tmpfiles on systems where Snap is installed in its standard configuration, as is typical for Ubuntu Desktop.
Qualys rated the flaw high severity, with a CVSS v3.1 score of 7.8 out of 10. The vector describes a local attack requiring low privileges and no user interaction. However, it has high attack complexity and can fully compromise confidentiality, integrity and availability.