Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 14 articles for you...
87
security advisorydebianprivilege escalationDebian DSA-6170-1 snapd Local Escalation CVE-2026-3888 Advisory
The Qualys Threat Research Unit (TRU) discovered a local privilege escalation vulnerability in snapd, a daemon and tooling that enable snap packages. Details can be found in the Qualys advisory at https://cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txt For the oldstable distribution (bookworm), this problem has been fixed. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6170-1
Mar 19, 2026 •Important Debian 172
security advisoryprivilege escalationUbuntuUbuntu 24.04 LTS snapd Important Privilege Escalation Fix USN-8102-2
USN-8102-1 introduced a regression in snapd. ========================================================================== Ubuntu Security Notice USN-8102-2 March 17, 2026 snapd regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: USN-8102-1 introduced a regression in snapd Software Description: - snapd: Daemon and tooling that enable snap packages Details: USN-8102-1 fixed a vulnerability in snapd. The update caused a regresision for Ubuntu 24.04 LTS while installing the package. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that snapd incorrectly handled certain operations in the snap's private /tmp directory. If systemd-tmpfiles is enabled to automatically clean up this directory, a local attacker could possibly use this issue to re-create the deleted directory, resulting in privilege escalation. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS snapd 2.73+ubuntu24.04.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8102-2 https://ubuntu.com/security/notices/USN-8102-1 CVE-2026-3888, https://launchpad.net/bugs/2144728 Package Information: https://launchpad.net/ubuntu/+source/snapd/2.73+ubuntu24.04.2 . Ubuntu 24.04 LTS snapd regression fixed. Update required for critical security issue after USN-8102-1.. Ubuntu 24.04 snapd update, snapd privilege escalation fix, security notice, USN-8102-2. . Severity: Important. LinuxSecurity.com Team
Mar 18, 2026 •Important Ubuntu 
172
security advisorycriticalprivilege escalationUbuntu 25.10 Snapd Critical Privilege Escalation USN-8102-1 CVE-2026-3888
snapd could be used to escalate privilege. ========================================================================== Ubuntu Security Notice USN-8102-1 March 17, 2026 snapd vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: snapd could be used to escalate privilege Software Description: - snapd: Daemon and tooling that enable snap packages Details: Qualys discovered that snapd incorrectly handled certain operations in the snap's private /tmp directory. If systemd-tmpfiles is enabled to automatically clean up this directory, a local attacker could possibly use this issue to re-create the deleted directory, resulting in privilege escalation. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 snapd 2.73+ubuntu25.10.1 Ubuntu 24.04 LTS snapd 2.73+ubuntu24.04.1 Ubuntu 22.04 LTS snapd 2.73+ubuntu22.04.1 Ubuntu 20.04 LTS snapd 2.67.1+20.04ubuntu1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS snapd 2.61.4ubuntu0.18.04.1+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS snapd 2.61.4ubuntu0.16.04.1+esm2 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8102-1 CVE-2026-3888 Package Information: https://launchpad.net/ubuntu/+source/snapd/2.73+ubuntu25.10.1 https://launchpad.net/ubuntu/+source/snapd/2.73+ubuntu24.04.1 https://launchpad.net/ubuntu/+source/snapd/2.73+ubuntu22.04.1 . Snapd is vulnerable toprivilege escalation on multiple Ubuntu versions. Upgrade to avoid security risks.. Ubuntu Snapd Privilege Escalation Security Fix. . Severity: Critical. LinuxSecurity.com Team
Mar 17, 2026 •Critical Ubuntu 172
security advisoryprivilege escalationDoSUbuntu 18.04 LTS & 16.04 LTS: USN-6940-2 critical: snapd issues resolved
Several security issues were fixed in snapd.. ========================================================================== Ubuntu Security Notice USN-6940-2 January 13, 2025 snapd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in snapd. Software Description: - snapd: Daemon and tooling that enable snap packages Details: USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724) Zeyad Gouda discovered that snapd failed to properly check the file type when extracting a snap. An attacker who could convince a user to install a malicious snap containing non-regular files could then cause snapd to block indefinitely while trying to read from such files and cause a denial of service. (CVE-2024-29068) Zeyad Gouda discovered that snapd failed to properly check the destination of symbolic links when extracting a snap. An attacker who could convince a user to install a malicious snap containing crafted symbolic links could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow a local unprivileged user to gain access to privileged information. (CVE-2024-29069) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS snapd 2.61.4ubuntu0.18.04.1+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS snapd 2.61.4ubuntu0.16.04.1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6940-2 https://ubuntu.com/security/notices/USN-6940-1 CVE-2024-1724, CVE-2024-29068, CVE-2024-29069 . The recent brief covers essential safety enhancements for snapd in Ubuntu, addressing significant vulnerabilities that threaten overall system stability.. snapd updates, Ubuntu security, software vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Jan 13, 2025 •Critical Ubuntu 172
security advisorydenial of serviceprivilege escalationUbuntu 24.04 LTS Snapd: USN-6940-1 Critical Security Advisory
Several security issues were fixed in snapd.. ========================================================================== Ubuntu Security Notice USN-6940-1 August 01, 2024 snapd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in snapd. Software Description: - snapd: Daemon and tooling that enable snap packages Details: Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724) Zeyad Gouda discovered that snapd failed to properly check the file type when extracting a snap. An attacker who could convince a user to install a malicious snap containing non-regular files could then cause snapd to block indefinitely while trying to read from such files and cause a denial of service. (CVE-2024-29068) Zeyad Gouda discovered that snapd failed to properly check the destination of symbolic links when extracting a snap. An attacker who could convince a user to install a malicious snap containing crafted symbolic links could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow a local unprivileged user to gain access to privileged information. (CVE-2024-29069) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS snapd 2.63+24.04ubuntu0.1 Ubuntu 22.04 LTS snapd 2.63+22.04ubuntu0.1 Ubuntu 20.04 LTS snapd 2.63+20.04ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6940-1 CVE-2024-1724, CVE-2024-29068, CVE-2024-29069 Package Information: https://launchpad.net/ubuntu/+source/snapd/2.63+24.04ubuntu0.1 https://launchpad.net/ubuntu/+source/snapd/2.63+22.04ubuntu0.1 https://launchpad.net/ubuntu/+source/snapd/2.63+20.04ubuntu0.1 . Important revisions for snapd in Ubuntu address several vulnerabilities. Upgrade your system to maintain security.. snapd security updates, Ubuntu system security, updates for snap packages. . Severity: Critical. LinuxSecurity.com Team
Aug 01, 2024 •Critical Ubuntu 172
security advisoryupdatecriticalUbuntu 23.04 USN-6125-1 Urgent: Snapd Access Vulnerability Warning
An intended access restriction in snapd could be bypassed by strict mode snaps.. =========================================================================Ubuntu Security Notice USN-6125-1 May 31, 2023 snapd vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: An intended access restriction in snapd could be bypassed by strict mode snaps. Software Description: - snapd: Daemon and tooling that enable snap packages Details: It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This could allow an attacker to execute arbitrary commands outside of the confined snap sandbox. Note: graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: snapd 2.59.1+23.04ubuntu1.1 Ubuntu 22.10: snapd 2.58+22.10.1 Ubuntu 22.04 LTS: snapd 2.58+22.04.1 Ubuntu 20.04 LTS: snapd 2.58+20.04.1 Ubuntu 18.04 LTS: snapd 2.58+18.04.1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): snapd 2.54.3+16.04.0ubuntu0.1~esm6 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6125-1 CVE-2023-1523 Package Information: https://launchpad.net/ubuntu/+source/snapd/2.59.1+23.04ubuntu1.1 https://launchpad.net/ubuntu/+source/snapd/2.58+22.10.1 https://launchpad.net/ubuntu/+source/snapd/2.58+22.04.1 https://launchpad.net/ubuntu/+source/snapd/2.58+20.04.1 https://launchpad.net/ubuntu/+source/snapd/2.58+18.04.1 . Perform an update on your Ubuntu installation to mitigate the snapd security flaw impacting various versions and avoid potential command execution risks.. Snapd Security Update, Ubuntu System Patching, Command Injection Prevention. . Severity: Critical. LinuxSecurity.com Team
May 31, 2023 •Critical Ubuntu 87
security advisorymoderatedebianDebian Bullseye DSA-5292-1 Moderate Snapd Local Escalation Fix
The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation. For the stable distribution (bullseye), this problem has been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5292-1
Dec 01, 2022 Debian 172
security advisorymoderateprivilege escalationUbuntu 22.10: USN-5753-1 Moderate Snapd Privilege Escalation
snapd could be made to run programs as an administrator.. =========================================================================Ubuntu Security Notice USN-5753-1 December 01, 2022 snapd vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM Summary: snapd could be made to run programs as an administrator. Software Description: - snapd: Daemon and tooling that enable snap packages Details: The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: snapd 2.57.5+22.10ubuntu0.1 Ubuntu 22.04 LTS: snapd 2.57.5+22.04ubuntu0.1 Ubuntu 20.04 LTS: snapd 2.57.5+20.04ubuntu0.1 Ubuntu 18.04 LTS: snapd 2.57.5+18.04ubuntu0.1 Ubuntu 16.04 ESM: snapd 2.54.3+16.04.0ubuntu0.1~esm5 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5753-1 CVE-2022-3328 Package Information: https://launchpad.net/ubuntu/+source/snapd/2.57.5+22.10ubuntu0.1 https://launchpad.net/ubuntu/+source/snapd/2.57.5+22.04ubuntu0.1 https://launchpad.net/ubuntu/+source/snapd/2.57.5+20.04ubuntu0.1 https://launchpad.net/ubuntu/+source/snapd/2.57.5+18.04ubuntu0.1 . Ubuntu Security Notice USN-5754-1 highlights a vulnerability in snapd that could enable local users to gain higher privileges. Immediate update is advised.. snapd, Privilege Escalation, Ubuntu Security, Local Attack. . Severity: Important. LinuxSecurity.com Team
Dec 01, 2022 •Important Ubuntu 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!