412 matches found
SUSE-SU-2026:21427-1 Security update for PackageKit
This update for PackageKit fixes the following issues: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220...
USN-8195-3: PackageKit vulnerability
USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding fix to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to...
USN-8195-3 packagekit vulnerability
USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding fix to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to...
PackageKit: race condition vulnerability leads to arbitrary package installation as root
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...
Important: Red Hat Security Advisory: PackageKit security update
An update for PackageKit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
PackageKit security update
1.2.6-2.0.1 - remove RHEL vendor patch PackageKit-0.3.8-RHEL-Vendor.conf.patch 1.2.6-2 - Backport fix for CVE-2026-41651. - Resolves: RHEL-170502...
PackageKit security update
1.1.12-8.0.1 - removed rhel-Vendor.conf.patch 1.1.12-8 - Backport fix for CVE-2026-41651. - Resolves: RHEL-170493...
Important: PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...
ALSA-2026:11635 Important: PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...
Important: PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...
ALSA-2026:11504 Important: PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...
Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise
Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions...
[SECURITY] Fedora 42 Update: PackageKit-1.3.4-3.fc42
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
[SECURITY] Fedora 43 Update: PackageKit-1.3.4-3.fc43
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
Fedora 43 : PackageKit (2026-7463cd3c32)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7463cd3c32 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...
Fedora 42 : PackageKit (2026-41926fe792)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-41926fe792 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...
OPENSUSE-SU-2026:10629-1 PackageKit-1.3.5-1.1 on GA media
These are all security issues fixed in the PackageKit-1.3.5-1.1 package on the GA media of openSUSE Tumbleweed...
USN-8195-2 packagekit vulnerability
USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary packages as root,...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit
Pack2TheRoot Lab — CVE-2026-41651 A Dockerised, CTF-style loc...
Security update for PackageKit
This update for PackageKit fixes the following issue: CVE-2026-41651: Do not allow re-invoking methods on non-new transactions bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...