
Advisory 2026-1211 - PackageKit: Vulnerability allows privilege escalation

Notice: You can now also find information from the Vulnerability Advisory Service in the CTI portal!
The CTI portal is available at the following address: https://cti-portal.telekom.net/advisories/2026-1211
Notice: By exception, this advisory is shown completely public. As a customer, you regularly receive details on vulnerability information via your login or through our daily advisory e-mail.

Attack probability*: 3 (medium)
Potential damage*: 5 (high)
Attacker: local attacker
Exploit available
Date: 2026-04-22
Release: 2026-06-02 UPDATE

Operating System

  • Linux

Software

  • Open Source PackageKit < 1.3.5
  • UPDATE 2026-04-23
  • Debian Linux
  • Fedora Linux
  • Red Hat Enterprise Linux
  • Ubuntu Linux
  • UPDATE 2026-04-27
  • SUSE Linux
  • UPDATE 2026-04-30
  • Oracle Linux
  • UPDATE 2026-05-04
  • RESF Rocky Linux
  • SUSE openSUSE
  • UPDATE 2026-05-15
  • Amazon Linux 2

Attack

A local attacker can exploit a vulnerability in PackageKit to elevate privileges.

Description

PackageKit is a collection of tools and libraries designed to simplify software installation, update, and removal across various Linux distributions.

CVE-2026-41651

There is a vulnerability in PackageKit due to a race condition. A local attacker can exploit this to install arbitrary packages as root, leading to privilege escalation.

CVSSv2 Base Score: 6.8 / Temporal Score: 5.3
AV:L/AC:L/AU:S/C:C/I:C/A:C/E:POC/RL:OF/RC:ND
CVSSv3.1 Base Score: 8.8 / Temporal Score: 7.9
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:X

UPDATE 2026-04-23
PoC code exploiting this vulnerability is available on the Internet.

Recommendation

The developers provide updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://github.com/PackageKit/PackageKit/releases/tag/v1.3.5

UPDATE 2026-04-23

Debian provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.debian.org/debian-lts-announce/2026/04/msg00026.html

Fedora provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-41926fe792
https://bodhi.fedoraproject.org/updates/FEDORA-2026-6c121b3d4c

Debian provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.debian.org/debian-security-announce/2026/msg00136.html

Fedora provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-7463cd3c32

Ubuntu provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://bugs.launchpad.net/bugs/cve/2026-41651

There is currently no update or patch available to fix this vulnerability in Red Hat Enterprise Linux.
https://access.redhat.com/security/cve/cve-2026-41651

UPDATE 2026-04-27

SUSE provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.suse.com/pipermail/sle-security-updates/2026-April/025643.html

UPDATE 2026-04-29

Red Hat provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://access.redhat.com/errata/RHSA-2026:11504
https://access.redhat.com/errata/RHSA-2026:11635

Ubuntu provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://ubuntu.com/security/notices/USN-8195-3

UPDATE 2026-04-30

Oracle Linux provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://linux.oracle.com/errata/ELSA-2026-11504.html
https://linux.oracle.com/errata/ELSA-2026-11635.html

UPDATE 2026-05-04

Rocky Enterprise Software Foundation provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://errata.build.resf.org/RLSA-2026:11635
https://errata.build.resf.org/RLSA-2026:11504

openSUSE provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GMDY7ZFLLTZRQFFHN6Z7ZB63DVDXPQXN/

SUSE provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025823.html

UPDATE 2026-05-07
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025849.html
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025848.html

UPDATE 2026-05-15

Red Hat provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://access.redhat.com/errata/RHSA-2026:17561
https://access.redhat.com/errata/RHSA-2026:17560
https://access.redhat.com/errata/RHSA-2026:17558

Amazon provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://alas.aws.amazon.com/AL2/ALAS2-2026-3282.html

UPDATE 2026-05-18

Red Hat provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://access.redhat.com/errata/RHSA-2026:18036
https://access.redhat.com/errata/RHSA-2026:18024

UPDATE 2026-05-19
https://access.redhat.com/errata/RHSA-2026:18031

SUSE provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://lists.suse.com/pipermail/sle-security-updates/2026-May/026116.html
https://lists.suse.com/pipermail/sle-security-updates/2026-May/026138.html

UPDATE 2026-05-20

Red Hat provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://access.redhat.com/errata/RHSA-2026:19454
https://access.redhat.com/errata/RHSA-2026:19354
https://access.redhat.com/errata/RHSA-2026:19141

Rocky Enterprise Software Foundation provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://errata.build.resf.org/RLSA-2026:19354

UPDATE 2026-05-21

Red Hat provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
https://access.redhat.com/errata/RHSA-2026:19601

UPDATE 2026-06-02
https://access.redhat.com/errata/RHSA-2026:22146

Information

GitHub PackageKit Commit dated 2026-04-21
https://github.com/PackageKit/PackageKit/commit/d9cae13b326238488bf06fb5bf458cfeeaf71869

Telekom Security Blog dated 2026-04-21
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html

GitHub Security Advisory GHSA-f55j-vvr9-69xv dated 2026-04-22
https://github.com/PackageKit/PackageKit/security/advisories/GHSA-f55j-vvr9-69xv

UPDATE 2026-04-23

Debian Security Advisory DLA-4545 dated 2026-04-23
https://lists.debian.org/debian-lts-announce/2026/04/msg00026.html

Fedora Security Advisory FEDORA-2026-41926FE792 dated 2026-04-22
https://bodhi.fedoraproject.org/updates/FEDORA-2026-41926fe792

Fedora Security Advisory FEDORA-2026-6C121B3D4C dated 2026-04-22
https://bodhi.fedoraproject.org/updates/FEDORA-2026-6c121b3d4c

Debian Security Advisory DSA-6226 dated 2026-04-23
https://lists.debian.org/debian-security-announce/2026/msg00136.html

Fedora Security Advisory FEDORA-2026-7463CD3C32 dated 2026-04-22
https://bodhi.fedoraproject.org/updates/FEDORA-2026-7463cd3c32

Ubuntu CVE Tracker
https://bugs.launchpad.net/bugs/cve/2026-41651

Red Hat Customer Portal
https://access.redhat.com/security/cve/cve-2026-41651

PoC dated 2026-04-22
https://github.com/Vozec/CVE-2026-41651/

UPDATE 2026-04-27

SUSE Security Update SUSE-SU-2026:1619-1 dated 2026-04-24
https://lists.suse.com/pipermail/sle-security-updates/2026-April/025643.html

UPDATE 2026-04-29

Red Hat Security Advisory RHSA-2026:11504 dated 2026-04-29
https://access.redhat.com/errata/RHSA-2026:11504

Red Hat Security Advisory RHSA-2026:11635 dated 2026-04-29
https://access.redhat.com/errata/RHSA-2026:11635

Ubuntu Security Notice USN-8195-3 dated 2026-04-29
https://ubuntu.com/security/notices/USN-8195-3

UPDATE 2026-04-30

Oracle Linux Security Advisory ELSA-2026-11504 dated 2026-04-29
https://linux.oracle.com/errata/ELSA-2026-11504.html

Oracle Linux Security Advisory ELSA-2026-11635 dated 2026-04-30
https://linux.oracle.com/errata/ELSA-2026-11635.html

UPDATE 2026-05-04

Rocky Linux Security Advisory RLSA-2026:11635 dated 2026-04-30
https://errata.build.resf.org/RLSA-2026:11635

Rocky Linux Security Advisory RLSA-2026:11504 dated 2026-04-30
https://errata.build.resf.org/RLSA-2026:11504

openSUSE Security Update OPENSUSE-SU-2026:20646-1 dated 2026-04-30
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GMDY7ZFLLTZRQFFHN6Z7ZB63DVDXPQXN/

SUSE Security Update SUSE-SU-2026:21427-1 dated 2026-05-04
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025823.html

UPDATE 2026-05-07

SUSE Security Update SUSE-SU-2026:1700-1 dated 2026-05-06
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025849.html

SUSE Security Update SUSE-SU-2026:1701-1 dated 2026-05-06
https://lists.suse.com/pipermail/sle-security-updates/2026-May/025848.html

UPDATE 2026-05-15

Red Hat Security Advisory RHSA-2026:17561 dated 2026-05-14
https://access.redhat.com/errata/RHSA-2026:17561

Red Hat Security Advisory RHSA-2026:17560 dated 2026-05-14
https://access.redhat.com/errata/RHSA-2026:17560

Red Hat Security Advisory RHSA-2026:17558 dated 2026-05-14
https://access.redhat.com/errata/RHSA-2026:17558

Amazon Linux Security Advisory ALAS2-2026-3282 dated 2026-05-14
https://alas.aws.amazon.com/AL2/ALAS2-2026-3282.html

UPDATE 2026-05-18

Red Hat Security Advisory RHSA-2026:18036 dated 2026-05-18
https://access.redhat.com/errata/RHSA-2026:18036

Red Hat Security Advisory RHSA-2026:18024 dated 2026-05-18
https://access.redhat.com/errata/RHSA-2026:18024

UPDATE 2026-05-19

Red Hat Security Advisory RHSA-2026:18031 dated 2026-05-18
https://access.redhat.com/errata/RHSA-2026:18031

SUSE Security Update SUSE-SU-2026:1939-1 dated 2026-05-18
https://lists.suse.com/pipermail/sle-security-updates/2026-May/026116.html

SUSE Security Update SUSE-SU-2026:1619-2 dated 2026-05-18
https://lists.suse.com/pipermail/sle-security-updates/2026-May/026138.html

UPDATE 2026-05-20

Red Hat Security Advisory RHSA-2026:19454 dated 2026-05-20
https://access.redhat.com/errata/RHSA-2026:19454

Red Hat Security Advisory RHSA-2026:19354 dated 2026-05-20
https://access.redhat.com/errata/RHSA-2026:19354

Red Hat Security Advisory RHSA-2026:19141 dated 2026-05-19
https://access.redhat.com/errata/RHSA-2026:19141

Rocky Linux Security Advisory RLSA-2026:19354 dated 2026-05-20
https://errata.build.resf.org/RLSA-2026:19354

UPDATE 2026-05-21

Red Hat Security Advisory RHSA-2026:19601 dated 2026-05-20
https://access.redhat.com/errata/RHSA-2026:19601

UPDATE 2026-06-02

Red Hat Security Advisory RHSA-2026:22146 dated 2026-06-01
https://access.redhat.com/errata/RHSA-2026:22146

References

AMAZONLINUX:ALAS2-2026-3282
CVE:CVE-2026-41651
DEBIAN:DLA-4545
DEBIAN:DSA-6226
EUVD:EUVD-2026-24742
FEDORA:FEDORA-2026-41926FE792
FEDORA:FEDORA-2026-6C121B3D4C
FEDORA:FEDORA-2026-7463CD3C32
GITHUB:GHSA-F55J-VVR9-69XV
OPENSUSE:OPENSUSE-SU-2026:20646-1
ORACLELINUX:ELSA-2026-11504
ORACLELINUX:ELSA-2026-11635
REDHAT:RHSA-2026:11504
REDHAT:RHSA-2026:11635
REDHAT:RHSA-2026:17558
REDHAT:RHSA-2026:17560
REDHAT:RHSA-2026:17561
REDHAT:RHSA-2026:18024
REDHAT:RHSA-2026:18031
REDHAT:RHSA-2026:18036
REDHAT:RHSA-2026:19141
REDHAT:RHSA-2026:19354
REDHAT:RHSA-2026:19454
REDHAT:RHSA-2026:19601
REDHAT:RHSA-2026:22146
REDHAT-BUG:2460604
ROCKYLINUX:RLSA-2026:11504
ROCKYLINUX:RLSA-2026:11635
ROCKYLINUX:RLSA-2026:19354
SUSE:SUSE-SU-2026:1619-1
SUSE:SUSE-SU-2026:1619-2
SUSE:SUSE-SU-2026:1700-1
SUSE:SUSE-SU-2026:1701-1
SUSE:SUSE-SU-2026:1939-1
SUSE:SUSE-SU-2026:21427-1
UBUNTU:USN-8195-3
VULNAME:PACK2THEROOT

Disclaimer

*The probability of an attack is determined by the attacker's motivation, the necessary effort and the possibilities for an attack. The damage probability is determined by the effort needed to resolve the attack and probable indirect consequences of an attack for business processes. Telekom Security assumes worst case scenarios.

Copyright © 1999-2026 Deutsche Telekom Security GmbH. All rights reserved. Reproduction and distribution of this publication in any form - even in parts - without prior written permission is forbidden.

The information contained herein has been obtained from sources believed to be reliable and trusted or have been verified. Telekom Security can take liability for completeness, accuracy and correctness only in so far, as gross negligence or intention create liability. Any liability beyond it, in particular possible damages resulting from using or non-usability of the information contained herein, is excluded.