From Newsgroup: alt.os.linux.ubuntu
On Thu, 26 Mar 2026 06:51:25 +1100, Axel wrote:
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd
Cleanup Timing Exploit
https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html?m=1
I was wondering why it didn’t affect other distros that also use systemd, including Ubuntu’s parent, Debian:
The problem, Qualys noted, stems from the unintended interaction
of snap-confine, which manages execution environments for snap
applications by creating a sandbox, and systemd-tmpfiles, which
automatically cleans up temporary files and directories
(e.g.,/tmp, /run, and /var/tmp) older than a defined threshold.
--- Synchronet 3.21f-Linux NewsLink 1.2