CVE-2026-3888
Analyzed - Analysis Complete
Local Privilege Escalation in snapd via /tmp Directory Cleanup

Publication date: 2026-03-17

Last updated on: 2026-06-04

Assigner: Canonical Ltd.

Description
Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.
Meta Information
Published: 2026-03-17
Last Modified: 2026-06-04
Generated: 2026-06-16
AI Q&A: 2026-03-17
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Vendor     Product       Version / Range
canonical  ubuntu_linux  16.04
canonical  ubuntu_linux  18.04
canonical  ubuntu_linux  20.04
canonical  ubuntu_linux  22.04
canonical  ubuntu_linux  24.04
CWE ID Description
CWE-268 Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.
Executive Summary

This vulnerability is a local privilege escalation issue in snapd on Linux systems. It allows a local attacker to gain root privileges by re-creating snap's private /tmp directory when systemd-tmpfiles is set to automatically clean up this directory.

The problem occurs because the cleanup process can be exploited to replace or manipulate the private /tmp directory used by snap, enabling the attacker to escalate their privileges.

Impact Analysis

This vulnerability can allow a local attacker with limited privileges to gain full root access on affected Ubuntu systems. This means the attacker could take complete control of the system, potentially leading to unauthorized access to sensitive data, modification or deletion of files, installation of malicious software, and disruption of system operations.
