< ciso
brief />
Tag Banner

All news with #canonical tag

3 articles

Amazon WorkSpaces Adds Ubuntu 24.04 in China

🖥️ AWS now offers Ubuntu 24.04 LTS bundles for Amazon WorkSpaces Personal in the AWS China (Ningxia) Region operated by NWCD. The new bundles let customers launch Ubuntu WorkSpaces with updated packages, toolchains, and security improvements from Ubuntu 24.04. It also provides a migration path for Amazon Linux 2 WorkSpaces customers seeking extended upstream maintenance and support.
read more →

Ubuntu Desktop Flaw Allows Local Elevation to Root

⚠ A local privilege escalation vulnerability (CVE-2026-3888) affects default installations of Ubuntu Desktop 24.04 and later, enabling attackers with low-level access to obtain full root privileges. The flaw stems from an interaction between snap-confine and systemd-tmpfiles that enables a timing-based attack leveraging automated temporary-file cleanup. Exploitation requires patience due to a built-in 10–30 day cleanup window, but no user interaction is needed; Qualys rated the issue CVSS 7.8 and urges immediate upgrade to patched snapd releases.
read more →

Ubuntu CVE-2026-3888: snap-confine Privilege Escalation

⚠️ A high-severity vulnerability tracked as CVE-2026-3888 affects default Ubuntu Desktop installations starting with 24.04, allowing an unprivileged local attacker to escalate to root by abusing the interaction between snap-confine and systemd-tmpfiles. The exploit relies on a timing window (roughly 10–30 days) in which systemd-tmpfiles removes stale /tmp entries, enabling an attacker to recreate sandbox directories with malicious payloads that are later bind-mounted as root. Ubuntu and upstream snapd have released patches; administrators should upgrade snapd and follow vendor guidance to mitigate exposure.
read more →