Timing Flaw in systemd Cleanup Enables Root Privilege Escalation (cybersecurity88.com)

submitted 5 days ago by ChrisG@lemmy.world to c/linux@lemmy.ml

29 comments fedilink hide all child comments

Yet another critical vulnerability in systemd, this time involving snapd. Ubuntu folk are affected.

"A serious security issue has been discovered in Ubuntu, and it is gaining attention in the cybersecurity community. The vulnerability is identified as CVE-2026-3888 and mainly affects Ubuntu Desktop systems from version 24.04 onwards. This flaw is dangerous because it allows an attacker with limited access to gain full root privileges. Root access means complete control over the entire system."

you are viewing a single comment's thread
view the rest of the comments

[-] eleijeep@piefed.social 22 points 5 days ago

Not a very good article. The original write-up (not linked anywhere in the article) is here: https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root

They also mention something else that's interesting at the bottom of the write-up:

Secondary Finding: Vulnerability in Ubuntu 25.10 uutils Coreutils

In a proactive security effort prior to the release of Ubuntu Desktop 25.10, the Qualys Threat Research Unit assisted the Ubuntu Security Team in reviewing the uutils coreutils package (a Rust rewrite of standard GNU utilities).

A race condition in the rm utility allowed an unprivileged local attacker to replace directory entries with symlinks during root-owned cron executions (specifically /etc/cron.daily/apport). Successful exploitation could lead to arbitrary file deletion as root or further privilege escalation by targeting snap sandbox directories.

The vulnerability was reported and mitigated prior to the public release of Ubuntu 25.10. The default rm command in Ubuntu 25.10 was reverted to GNU coreutils to mitigate this risk immediately. Upstream fixes have since been applied to the uutils repository.

[-] ozymandias117@lemmy.world 8 points 5 days ago

Wait. So the flaw was in uutils, and this article reported it as a systemd bug...?

[-] Cyber@feddit.uk 4 points 5 days ago

And, even further: a rust implementation vulnerability too?

(Waits for C vs Rust war to start...)

[-] ChrisG@lemmy.world -1 points 5 days ago

Yes, thank you for the extra info!

this post was submitted on 01 Apr 2026

49 points (75.8% liked)

Linux

63789 readers

746 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz