News [LWN.net] Local-privilege escalation in snapd

News
LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,735
Reaction score
74
Credits
-1,257
Qualys has discovered a local-privilege escalation (LPE) vulnerability affecting Ubuntu Desktop 24.04 and later: This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles. More details are available in the security advisory. Canonical has published updated packages as well as instructions for verifying if a system is vulnerable and how to upgrade if so.

Source: https://lwn.net/Articles/1063453/

Aggregated via Linux News
 
You must log in or register to reply here.

Similar threads

LinuxBot
News [Phoronix] Fragnesia Made Public As Latest Linux Local Privilege Escalation Vulnerability
Replies
0
Views
167
LinuxBot
LinuxBot
LinuxBot
News [9to5Linux] Fragnesia Is Yet Another Local Privilege Escalation Flaw in Linux Kernel
Replies
0
Views
149
LinuxBot
LinuxBot
LinuxBot
News [9to5Linux] Dirty Frag Linux Kernel Flaw Allows Local Privilege Escalation, Patch Now
Replies
0
Views
122
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] Dirty Frag: a zero-day universal Linux LPE
Replies
0
Views
622
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] A set of AppArmor vulnerabilities
Replies
0
Views
143
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 4,585 (members: 1, guests: 4,584)

Latest posts

Top