Endpoint/Device Security, Vulnerability Management, Privileged access management, Patch/Configuration Management

Ubuntu Desktop vulnerable to root privilege escalation via systemd exploit

(Ralf – stock.adobe.com)

A critical vulnerability, identified as CVE-2026-3888, has been discovered in Ubuntu Desktop versions 24.04 and later, allowing local attackers to gain root privileges. The flaw, with a CVSS score of 7.8, exploits a timing issue within the systemd cleanup process, enabling an unprivileged user to escalate their access to the highest level of system control, according to a recent report by Security Affairs.

The vulnerability arises from the interaction between snap-confine, which manages secure application environments, and systemd-tmpfiles, responsible for removing temporary files. Attackers can exploit a 10- to 30-day cleanup window. During this period, after a critical directory used by snap-confine is deleted by systemd-tmpfiles, an attacker can recreate it with malicious files.

When snap-confine subsequently initializes a sandbox, it inadvertently mounts these malicious files as root, leading to arbitrary code execution and full system compromise. This attack requires local access and precise timing but impacts confidentiality, integrity, and availability.

Source: Security Affairs

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds