A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level.
Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system.
"This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access
"This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles," the Qualys Threat Research Unit (TRU) said .
"While the exploit requires a specific time-based window (10–30 days), the resulting impact is a complete compromise of the host system."
The problem, Qualys noted, stems from the unintended interaction of snap-confine, which manages execution environments for snap applications by creating a sandbox, and systemd-tmpfiles, which automatically cleans up temporary files and directories (e.g.,/tmp, /run, and /var/tmp) older than a defined threshold.
The vulnerability has been patched in the following versions -
The attack requires low privileges and no user interaction, although the attack complexity is high due to the time-delay mechanism in the exploit chain.