March 18, 2026 By Pierluigi Paganini
Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity.
Qualys researchers found a high-severity flaw, tracked as CVE-2026-3888 (CVSS score of 7.8), in Ubuntu Desktop 24.04+, which allows attackers to exploit a systemd cleanup timing issue to escalate privileges to root and potentially take full control of vulnerable systems.
The bug relies on a cleanup window of 10–30 days, but can ultimately lead to full system compromise. It stems from how snap-confine manages privileged execution and how systemd-tmpfiles removes old temporary files.
“The Qualys Threat Research Unit has identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24.04 and later. This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles.” reads the advisory.
“While the exploit requires a specific time-based window (10–30 days), the resulting impact is a complete compromise of the host system.”