CVE-2026-3888

| EUVD-2026-12570 HIGH
2026-03-17 canonical
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 17, 2026 - 20:30 vuln.today
EUVD ID Assigned
Mar 17, 2026 - 20:30 euvd
EUVD-2026-12570
CVE Published
Mar 17, 2026 - 14:02 nvd
HIGH 7.8

Tags

Ubuntu Privilege Escalation Ubuntu 20.04 Lts Ubuntu 16.04 Lts Ubuntu 22.04 Lts Ubuntu 24.04 Lts Ubuntu 18.04 Lts

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Analysis

Local privilege escalation in snapd on multiple Ubuntu versions allows authenticated local attackers to obtain root access by exploiting a race condition between snap's temporary directory creation and systemd-tmpfiles cleanup operations. An attacker with local access can manipulate the /tmp directory to escalate privileges when snapd attempts to recreate its private snap directories. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all systems running snapd across Ubuntu 16.04-24.04 LTS and assess user access patterns to identify high-risk environments. Within 7 days: Apply available Ubuntu Security Notice patches to all affected systems through scheduled maintenance windows, prioritizing production and sensitive data environments. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0

Vendor Status

Ubuntu

Priority: High
snapd
Release Status Version
upstream pending 2.75.1
bionic released 2.61.4ubuntu0.18.04.1+esm2
focal released 2.67.1+20.04ubuntu1~esm1
jammy released 2.73+ubuntu22.04.1
noble released 2.73+ubuntu24.04.1
questing released 2.73+ubuntu25.10.1
xenial released 2.61.4ubuntu0.16.04.1+esm2
USN-8102-1

Debian

Bug #1131120
snapd
Release Status Fixed Version Urgency
bullseye (security), bullseye vulnerable 2.49-1+deb11u2 -
bookworm vulnerable 2.57.6-1 -
trixie vulnerable 2.68.3-3 -
forky vulnerable 2.71-3 -
sid vulnerable 2.74.1-1 -
(unstable) fixed (unfixed) -

Share

CVE-2026-3888 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy