
13 matches found

OSV
added 2026/04/01 9:26 a.m. | 4 views

OPENSUSE-FU-2026:20453-1 Feature update for himmelblau

This update for himmelblau fixes the following issues: Update to himmelblau 2.3.8 jscPED-14511: Security issues:
- CVE-2025-54882: world readable cloud TGT token bsc1247735.
- CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249013.
- CVE-2026-25727: time: parsing of user-provided...

CVSS 8.8 | AI score 5.9 | EPSS 0.00112
Exploits: 2 | References: 9
RedhatCVE
added 2026/03/26 2:59 p.m. | 4 views

CVE-2026-31979

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...

CVSS 8.8 | AI score 5.9 | EPSS 0.00022
Exploits: 1 | References: 1
RedhatCVE
added 2026/03/17 11:39 p.m. | 2 views

CVE-2026-3888

A privilege escalation flaw has been discovered in snapd. This local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. Mitigation Mitigation...

CVSS 7.8 | AI score 5.6 | EPSS 0.00008
Exploits: 6 | References: 2
OSV
added 2026/03/17 10:33 p.m. | 1 views

USN-8102-2 snapd regression

USN-8102-1 fixed a vulnerability in snapd. The update caused a regression for Ubuntu 24.04 LTS while installing the package. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that snapd incorrectly handled certain operations in the...

CVSS 7.8 | AI score 5.8 | EPSS 0.00008
Exploits: 6 | References: 3
EUVD
added 2026/03/17 3:36 p.m. | 1 views

EUVD-2026-12570

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS...

CVSS 7.8 | AI score 5.8 | EPSS 0.00008
Exploits: 6 | References: 2
Vulnrichment
added 2026/03/17 2:2 p.m. | 5 views

CVE-2026-3888 Local Privilege Escalation in snapd

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS...

CVSS 7.8 | AI score 5.8 | EPSS 0.00008
Exploits: 6 | References: 5
Cvelist
added 2026/03/17 2:2 p.m. | 22 views

CVE-2026-3888 Local Privilege Escalation in snapd

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS...

CVSS 7.8 | EPSS 0.00008
Exploits: 6 | References: 5
Tenable Nessus
added 2026/03/17 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-3888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is...

CVSS 7.8 | AI score 6.1 | EPSS 0.00008
Exploits: 6 | References: 2
CNNVD
added 2026/03/17 12:0 a.m. | 2 views

Canonical Ubuntu Linux security vulnerability

Canonical Ubuntu Linux is a set of Linux operating systems developed by the British company Canonical. Canonical Ubuntu Linux has security vulnerabilities. These vulnerabilities stem from the fact that snapd allows local attackers to re-create the private /tmp directories for snaps when...

CVSS 7.8 | AI score 7.5 | EPSS 0.00008
Exploits: 6 | References: 3
NVD
added 2026/03/11 8:16 p.m. | 5 views

CVE-2026-31979

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...

CVSS 8.8 | EPSS 0.00022
Exploits: 1 | References: 1
OSV
added 2026/03/11 7:47 p.m. | 2 views

CVE-2026-31979 himmelblaud-tasks: local privilege escalation via /tmp symlink attack on Kerberos ccache

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...

CVSS 8.8 | AI score 5.9 | EPSS 0.00022
Exploits: 1 | References: 3
OSV
added 2022/12/01 1:8 a.m. | 1 views

USN-5753-1 snapd vulnerability

The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code...

CVSS 7.8 | AI score 7.3 | EPSS 0.00059
Exploits: 2 | References: 2
OSV
added 2019/04/24 9:29 p.m. | 1 views

DEBIAN-CVE-2019-11502

snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory...

CVSS 7.5 | AI score 7.4 | EPSS 0.0057
Exploits: 1 | References: 1