Lucene search
K

412 matches found

OSV
OSV
added 2026/04/29 9:45 a.m.7 views

SUSE-SU-2026:21427-1 Security update for PackageKit

This update for PackageKit fixes the following issues: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220...

8.8CVSS5.9AI score0.0046EPSS
Exploits10References3
Ubuntu
Ubuntu
added 2026/04/29 8:59 a.m.13 views

USN-8195-3: PackageKit vulnerability

USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding fix to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to...

8.8CVSS5.6AI score0.0046EPSS
Exploits10
OSV
OSV
added 2026/04/29 8:59 a.m.10 views

USN-8195-3 packagekit vulnerability

USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding fix to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to...

8.8CVSS5.6AI score0.0046EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2026/04/29 6:33 a.m.5 views

PackageKit: race condition vulnerability leads to arbitrary package installation as root

A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...

8.8CVSS5.2AI score0.0046EPSS
Exploits10References9
RedHat Linux
RedHat Linux
added 2026/04/29 6:33 a.m.6 views

Important: Red Hat Security Advisory: PackageKit security update

An update for PackageKit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS5.5AI score0.0046EPSS
Exploits10References2
Oracle linux
Oracle linux
added 2026/04/29 12:0 a.m.18 views

PackageKit security update

1.2.6-2.0.1 - remove RHEL vendor patch PackageKit-0.3.8-RHEL-Vendor.conf.patch 1.2.6-2 - Backport fix for CVE-2026-41651. - Resolves: RHEL-170502...

8.8CVSS5.2AI score0.0046EPSS
Exploits10
Oracle linux
Oracle linux
added 2026/04/29 12:0 a.m.18 views

PackageKit security update

1.1.12-8.0.1 - removed rhel-Vendor.conf.patch 1.1.12-8 - Backport fix for CVE-2026-41651. - Resolves: RHEL-170493...

8.8CVSS5.1AI score0.0046EPSS
Exploits10
AlmaLinux
AlmaLinux
added 2026/04/29 12:0 a.m.24 views

Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.5AI score0.0046EPSS
Exploits10References4
OSV
OSV
added 2026/04/29 12:0 a.m.10 views

ALSA-2026:11635 Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.5AI score0.0046EPSS
Exploits10References4
AlmaLinux
AlmaLinux
added 2026/04/29 12:0 a.m.15 views

Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.6AI score0.0046EPSS
Exploits10References4
OSV
OSV
added 2026/04/29 12:0 a.m.8 views

ALSA-2026:11504 Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.5AI score0.0046EPSS
Exploits10References4
HackRead
HackRead
added 2026/04/28 5:22 p.m.12 views

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions...

5.5AI score
Exploits0
Fedora
Fedora
added 2026/04/28 1:15 a.m.7 views

[SECURITY] Fedora 42 Update: PackageKit-1.3.4-3.fc42

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

5.3AI score
Exploits0
Fedora
Fedora
added 2026/04/28 1:0 a.m.8 views

[SECURITY] Fedora 43 Update: PackageKit-1.3.4-3.fc43

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.5 views

Fedora 43 : PackageKit (2026-7463cd3c32)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7463cd3c32 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.3 views

Fedora 42 : PackageKit (2026-41926fe792)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-41926fe792 advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/04/28 12:0 a.m.4 views

OPENSUSE-SU-2026:10629-1 PackageKit-1.3.5-1.1 on GA media

These are all security issues fixed in the PackageKit-1.3.5-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS5.2AI score0.0046EPSS
Exploits10References1
OSV
OSV
added 2026/04/27 11:28 a.m.7 views

USN-8195-2 packagekit vulnerability

USN-8195-1 fixed a vulnerability in PackageKit. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary packages as root,...

8.8CVSS5.4AI score0.0046EPSS
Exploits10References2
GithubExploit
GithubExploit
added 2026/04/25 3:29 a.m.232 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit

Pack2TheRoot Lab — CVE-2026-41651 A Dockerised, CTF-style loc...

8.8CVSS6.3AI score0.0046EPSS
Exploits10
SUSE Linux
SUSE Linux
added 2026/04/24 2:34 p.m.3 views

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: Do not allow re-invoking methods on non-new transactions bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...

7.8CVSS5.3AI score0.0046EPSS
Exploits10References4
Rows per page
Query Builder