13 matches found
PackageKit: race condition vulnerability leads to arbitrary package installation as root
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...
PackageKit: race condition vulnerability leads to arbitrary package installation as root
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...
PackageKit: race condition vulnerability leads to arbitrary package installation as root
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...
CLSA-2026-1778773906 PackageKit: Fix of CVE-2026-41651
CVE-2026-41651: fix TOCTOU race on cached transaction flags that allowed unprivileged users to install arbitrary RPM packages as root via the PackageKit D-Bus interface, leading to local privilege escalation; reject re-invocation of action methods on transactions that have left the NEW state...
PackageKit: race condition vulnerability leads to arbitrary package installation as root
A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...
OESA-2026-2140 PackageKit security update
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro,...
SUSE CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651
CVE-2026-41651 concerns PackageKit, a D-Bus abstraction layer for cross-distro package management. The vulnerability affects versions 1.0.2 through 1.3.4 and enables local privilege escalation via a TOCTOU race on transaction flags, allowing an unprivileged user to install packages as root (inclu...
CVE-2026-41651 PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
CVE-2026-41651
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...
PackageKit 安全漏洞
PackageKit is an open-source system for installing and updating software. Versions 1.0.2 to 1.3.4 of PackageKit contain security vulnerabilities. These vulnerabilities stem from race conditions in transaction flags, which may allow unauthorized users with root privileges to install software...
PT-2026-34331
Name of the Vulnerable Software and Affected Versions PackageKit versions 1.0.2 through 1.3.4 Description PackageKit is a D-Bus abstraction layer used to manage packages across different distributions and architectures. A time-of-check time-of-use TOCTOU race condition exists in the handling of...