< ciso brief />

All news with #canonical tag

2 articles

Ubuntu Desktop Flaw Allows Local Elevation to Root

⚠ A local privilege escalation vulnerability (CVE-2026-3888) affects default installations of Ubuntu Desktop 24.04 and later, enabling an unprivileged local user to obtain full root privileges. The flaw stems from an interaction between snap-confine and systemd-tmpfiles: the age-based cleanup of stale entries under /tmp opens a timing window that an attacker can exploit. Exploitation is slow, since the attacker has to wait out that cleanup window (10 to 30 days, depending on the tmpfiles age policy), but no user interaction is needed. Qualys rated the issue CVSS 7.8 and urges an immediate upgrade to patched snapd releases.

Ubuntu CVE-2026-3888: snap-confine Privilege Escalation

⚠️ A high-severity vulnerability tracked as CVE-2026-3888 affects default Ubuntu Desktop installations starting with 24.04, allowing an unprivileged local attacker to escalate to root by abusing the interaction between snap-confine and systemd-tmpfiles. The exploit relies on a timing window (roughly 10 to 30 days) in which systemd-tmpfiles removes stale /tmp entries; once the original sandbox directories are gone, an attacker can recreate them with malicious contents, which snap-confine later bind-mounts with root privileges. Ubuntu and upstream snapd have released patches; administrators should upgrade snapd and consult the vendor advisory for the fixed package versions, since this summary does not list them.