Local-privilege escalation in snapd
Date:
Wed, 18 Mar 2026 15:34:34 +0000
Description:
Qualys has discovered
a local-privilege escalation (LPE) vulnerability affecting Ubuntu
Desktop 24.04 and later: This flaw (CVE-2026-3888) allows an unprivileged local attacker to
escalate privileges to full root access through the interaction of two
standard system components: snap-confine and systemd-tmpfiles. More details are available in the security
advisory . Canonical has published updated packages as well as instructions for verifying if a system is vulnerable and how to upgrade if so.
======================================================================
Link to news story:
https://lwn.net/Articles/1063453/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)