Securitybrief.Au
Critical Ubuntu Snap Flaw Allows Local Privilege Escalation
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A local privilege escalation vulnerability, tracked as CVE-2026-3888, has been identified in default installations of Ubuntu Desktop 24.04 and later. Discovered by Qualys, the flaw arises from an unintended interaction between snap-confine and systemd-tmpfiles, allowing unprivileged local users to gain full root access. The attack requires a specific timing window of 10 to 30 days for the system to delete a critical directory in /tmp, after which an attacker can recreate it with malicious content. This vulnerability has a high severity rating with a CVSS score of 7.8. Affected versions include snapd prior to 2.73+ubuntu24.04.1 for Ubuntu 24.04 LTS and earlier versions for subsequent releases. Organizations are urged to apply patches immediately to mitigate risks. Legacy Ubuntu versions are not vulnerable under default configurations but should still be updated as a precaution.
Key Points: • CVE-2026-3888 allows local users to escalate privileges to root on Ubuntu Desktop 24.04+. • The vulnerability exploits a timing issue between snap-confine and systemd-tmpfiles. • Immediate patching is recommended for affected systems to prevent exploitation.