Unrated severityNVD Advisory· Published Mar 17, 2026· Updated Mar 18, 2026

Local Privilege Escalation in snapd

CVE-2026-3888

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Affected products

Canonical/snapdllm-create
Range: Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, 24.04 LTS

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

discourse.ubuntu.com/t/snapd-local-privilege-escalation-cve-2026-3888mitretechnical-descriptionvendor-advisory
ubuntu.com/security/notices/USN-8102-1mitrevendor-advisory
blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-rootmitretechnical-descriptionmedia-coverage
cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txtmitretechnical-descriptionmedia-coverage
ubuntu.com/security/CVE-2026-3888mitrevdb-entryissue-tracking

News mentions

New Ubuntu Flaw Enables Local Attackers to Gain Root Access
Infosecurity Magazine · Mar 18, 2026

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000