-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6170-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 19, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : snapd CVE ID : CVE-2026-3888 Debian Bug : 1131120 The Qualys Threat Research Unit (TRU) discovered a local privilege escalation vulnerability in snapd, a daemon and tooling that enable snap packages. Details can be found in the Qualys advisory at https://cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txt For the oldstable distribution (bookworm), this problem has been fixed in version 2.57.6-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.68.3-3+deb13u1. We recommend that you upgrade your snapd packages. For the detailed security status of snapd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snapd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmm8eQdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Tl5A/9GRu/4LmsVV5XH/6qLR6O+3ksn1gJQOZgrqwqfSQOdXeoVOnSfWlsEJxr FrX0k342ItWMEkDrrV/IErskQGXh5zBbvpWEEwqiKU3NMsXc/bJJ6QQW6VhYBOL+ 9mGo222OmwSnu4nfAdyFSAW0iWE9ZZCT3OSEHppTtGuT1zMd9wNUfv7PXypYhnss K/r9naplu6S8ATurAUED/r3uxeQ2gaxWabz1Ow36Ac+ZBk7+gmteQ0/CitVxUQ1b ezgmf9W1Rgbq37OTZj5ICQCmKtaPUtwL9cvUISMTMJcJ8EeQ97KpwIB9NM/5vH79 mwWjj+p3rzGVIiLtTk2AyF1Z0kF5xHIiJ+GGO9tt2tgU8QqgkSmLYD/uf+QF3nMr PHEfjOS7h2lO3kJInp+CyPR28v3ukTBIgakT0TZZqESURzPeqNbAeeCqFTWWdSUz lZobMRRWv0MTjBP747APEhOdKFAgbVVklm/PdTOeqtNqTPpyB4PdOPaXoJXbA5hw Nog80ARNhsn+XtfQ47Akid8ELXPYdxyFXH+/QCaO2696Cnc+WWOBHxGgVen5/l1d jTuMxEk+XwouNXr/TrQMdbCC/dbGRQJPmU9FvuAymzh+Lz/vnlloYWtZICI1crnn zEoc1yn3PV96ferShX6H8Zvjqk2WdWuYGXNhxJdhP+dVW7wxGE4= =uIFy -----END PGP SIGNATURE-----
