A critical vulnerability, identified as CVE-2026-3888, has been discovered in Ubuntu Desktop versions 24.04 and later, allowing local attackers to gain root privileges. The flaw, with a CVSS score of 7.8, exploits a timing issue within the systemd cleanup process, enabling an unprivileged user to escalate their access to the highest level of system control, according to a recent report by Security Affairs.The vulnerability arises from the interaction between snap-confine, which manages secure application environments, and systemd-tmpfiles, responsible for removing temporary files. Attackers can exploit a 10- to 30-day cleanup window. During this period, after a critical directory used by snap-confine is deleted by systemd-tmpfiles, an attacker can recreate it with malicious files.When snap-confine subsequently initializes a sandbox, it inadvertently mounts these malicious files as root, leading to arbitrary code execution and full system compromise. This attack requires local access and precise timing but impacts confidentiality, integrity, and availability.Source: Security Affairs
Endpoint/Device Security, Vulnerability Management, Privileged access management, Patch/Configuration Management
Ubuntu Desktop vulnerable to root privilege escalation via systemd exploit

(Ralf – stock.adobe.com)
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



