[SECURITY] Fedora 44 Update: PackageKit-1.3.4-3.fc44

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

SUSE CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

Fedora 44 : PackageKit (2026-6c121b3d4c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6c121b3d4c advisory. Backport fix for race condition leading to root compromise GHSA-f55j-vvr9-69xv Tenable has extracted the preceding description block directly from the Fedora...

Exploit for CVE-2026-41651

Pack2TheRoot — CVE-2026-41651 TOCTOU race condition in Pack...

Exploit for CVE-2026-41651

CVE-2026-41651 — PackageKit Local Privilege Escalation pa...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : PackageKit vulnerability (USN-8195-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8195-1 advisory. It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary package...

CVE-2026-41651

A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation. Mitigation To mitigate this vulnerability, mask the PackageKit service. Note that graphical...

CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

CVE-2026-41651 PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

EUVD-2026-24742

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

CVE-2026-41651 PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

[SECURITY] [DLA 4545-1] packagekit security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4545-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 22, 2026 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 6226-1] packagekit security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6226-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2026 https://www.debian.org/security/faq -...

USN-8195-1 packagekit vulnerability

It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary packages as root, possibly resulting in privilege escalation...

PackageKit 安全漏洞

PackageKit is an open-source system for installing and updating software. Versions 1.0.2 to 1.3.4 of PackageKit contain security vulnerabilities. These vulnerabilities stem from race conditions in transaction flags, which may allow unauthorized users with root privileges to install software...

Linux Distros Unpatched Vulnerability : CVE-2026-41651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit betwe...

Debian dsa-6226 : gir1.2-packagekitglib-1.0 - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6226 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6226-1 [email protected] https://www.debian.org/security/...

Debian dla-4545 : gir1.2-packagekitglib-1.0 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4545 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4545-1 [email protected] https://www.debian.org/lts/security/...