Ubuntu Desktop snapd root-escalation flaw (CVE-2026-3888)
Vulnerability
Summary
Hide ▲
Show ▼
A disclosed CVE-2026-3888 flaw in Ubuntu Desktop 24.04 and later can let an unprivileged local attacker gain full root access on default installations. The issue stems from the interaction of snap-confine and systemd-tmpfiles, creating a path to a complete compromise of the host system. Affected snapd builds have been patched in the named Ubuntu and upstream releases.
Related Happenings
Linux kernel AppArmor confused deputy vulnerabilities CrackArmor security flaw
Vulnerability
First: 13.03.2026 10:18
Last: 13.03.2026 10:18
Sources 1
About this happening:
Researchers disclosed **CrackArmor**, nine **confused deputy** flaws in the **Linux kernel's AppArmor module** that can let **unprivileged users** bypass protections, gain **root*...
Linux kernel AppArmor confused deputy vulnerabilities CrackArmor security flaw
VulnerabilityAbout this happening: Researchers disclosed **CrackArmor**, nine **confused deputy** flaws in the **Linux kernel's AppArmor module** that can let **unprivileged users** bypass protections, gain **root*...
Timeline
-
18.03.2026 10:08 2 articles · 2mo ago
Ubuntu Desktop CVE-2026-3888 root-escalation flaw disclosed
Initial DisclosureQualys disclosed CVE-2026-3888, a high-severity flaw in default installations of Ubuntu Desktop 24.04 and later that can let an unprivileged local attacker reach full root access by abusing the interaction between snap-confine and systemd-tmpfiles. The exploit relies on a 10–30 day timing window and can lead to complete compromise of the host system, and patched snapd releases were identified for Ubuntu 24.04 LTS, Ubuntu 25.10 LTS, Ubuntu 26.04 LTS (Dev), and upstream snapd.
Show sources
- Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit — thehackernews.com — 18.03.2026 10:08
- New Ubuntu Flaw Enables Local Attackers to Gain Root Access — www.infosecurity-magazine.com — 18.03.2026 17:45