Vulnerability Advisory
CVE-2026-3888
Qualys has disclosed CVE-2026-3888 — a high-severity local privilege escalation flaw in default Ubuntu Desktop 24.04 and later installations that allows an unprivileged local attacker to gain full root access by exploiting the interaction between snap-confine and systemd-tmpfiles. Patch USN-8102-1 is available — update immediately.
Severity: high
CVSS Score: 7.8 / 10
Published: Mar 18, 2026
Affected Products
- Ubuntu Desktop 24.04 LTS — default installation
- Ubuntu Desktop 25.10 — mitigated prior to release by reverting default rm to GNU coreutils
- Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS — affected per CVE record
- snapd — all versions prior to the patch on affected Ubuntu releases
- uutils coreutils — the Rust rewrite of GNU coreutils, separate race condition vulnerability discovered and mitigated before Ubuntu 25.10 release
Full Analysis
CVE-2026-3888: Ubuntu Default Installation Flaw Lets Unprivileged Attackers Escalate to Root via systemd Cleanup Timing