7.8
CVE-2026-3888
Trending CVE
- EPSS 0.01%
- Veröffentlicht 17.03.2026 14:16:17
- Zuletzt bearbeitet 18.03.2026 04:17:30
- Quelle security@ubuntu.com
- CVE-Watchlists
- Unerledigt
LoginLocal privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Collection URLhttps://github.com/canonical
≫
Paket
snapd
Default Statusunaffected
Version <
2.75.1
Version
0
Status
affected
HerstellerCanonical
≫
Produkt
Ubuntu 16.04 LTS
Default Statusaffected
Version <
*
Version
2.61.4ubuntu0.16.04.1+esm2
Status
unaffected
HerstellerCanonical
≫
Produkt
Ubuntu 18.04 LTS
Default Statusaffected
Version <
*
Version
2.61.4ubuntu0.18.04.1+esm2
Status
unaffected
HerstellerCanonical
≫
Produkt
Ubuntu 20.04 LTS
Default Statusaffected
Version <
*
Version
2.67.1+20.04ubuntu1~esm1
Status
unaffected
HerstellerCanonical
≫
Produkt
Ubuntu 22.04 LTS
Default Statusaffected
Version <
*
Version
2.73+ubuntu22.04.1
Status
unaffected
HerstellerCanonical
≫
Produkt
Ubuntu 24.04 LTS
Default Statusaffected
Version <
*
Version
2.73+ubuntu24.04.2
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.003 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@ubuntu.com | 7.8 | 1.1 | 6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
|
CWE-268 Privilege Chaining
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.