7 matches found
Astra Linux – Vulnerability in PackageKit
PackageKit is a D-Bus abstraction layer that allows users to manage packages in a secure manner using a cross-distro, cross-architecture API. PackageKit in versions 1.0.2 through 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition involving transaction flags, which allows...
CVE-2026-10294
A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...
CVE-2026-10294 PackageKit API pk-transaction.c g_file_test improper authorization
A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...
CVE-2026-10294
A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...
PackageKit 授权问题漏洞
PackageKit is an open-source system for installing and updating software. Versions of PackageKit 1.3.5 and earlier have a licensing issue vulnerability. This vulnerability stems from incorrect handling of the parameter ‘frontend-socket’ in the function gfiletest within the API component file...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
EUVD-2026-24742
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...