Important: PackageKit

Issue Overview: PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transacti...

RHEL 8 : PackageKit (RHSA-2026:17560)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17560 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architectu...

RHEL 8 : PackageKit (RHSA-2026:17561)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17561 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architectu...

SUSE SLES12 Security Update : PackageKit (SUSE-SU-2026:1701-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1701-1 advisory. This update for PackageKit fixes the following issue: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can le...

SUSE SLES15 Security Update : PackageKit (SUSE-SU-2026:1700-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1700-1 advisory. This update for PackageKit fixes the following issue: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root...

Low: PackageKit

Issue Overview: A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other...

Amazon Linux 2023 : PackageKit, PackageKit-command-not-found, PackageKit-cron (ALAS2023-2026-1692)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1692 advisory. A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions tha...

Astra Linux - уязвимость в packagekit

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

SUSE-SU-2026:1701-1 Security update for PackageKit

This update for PackageKit fixes the following issue: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220...

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

SUSE-SU-2026:1700-1 Security update for PackageKit

This update for PackageKit fixes the following issue: - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit

CVE-2026-41651 — Pack2TheRoot Analysis PackageKit Local P...

SUSE SLES16 Security Update : PackageKit (SUSE-SU-2026:21427-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21427-1 advisory. - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Tenable has extracte...

MiracleLinux 9 : PackageKit-1.2.6-2.el9_7 (AXSA:2026-537:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-537:02 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...

MiracleLinux 8 : PackageKit-1.1.12-8.el8_10 (AXSA:2026-529:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-529:01 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...

Astra Linux – Vulnerability in PackageKit

PackageKit’s apt backend mistakenly treats all local deb files as trustworthy. The apt security model is based on repository trust, not the contents of individual files. On sites where PolicyKit rules are configured, this could allow users to install malicious packages...

OESA-2026-2140 PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro,...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit

No d...

openSUSE 16 Security Update : PackageKit (openSUSE-SU-2026:20646-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20646-1 advisory. - CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Tenable has extracted the precedi...