github.security.telekom.com
Critical Pack2TheRoot Vulnerability Exposes Linux Systems to Local Privilege Escalation
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A high-severity vulnerability identified as CVE-2026-41651 affects the PackageKit daemon, allowing local unprivileged users to gain root access on Linux systems. Discovered by Deutsche Telekom's Red Team, the flaw enables unauthorized installation and removal of system packages. The vulnerability has existed for nearly 12 years, affecting all PackageKit versions from 1.0.2 to 1.3.4. A patch was released in version 1.3.5, but many distributions are still vulnerable. The exploit can be triggered by executing commands like 'pkcon install' without authentication under certain conditions. Although no active exploitation has been confirmed, the vulnerability leaves observable traces in system logs. Users are urged to upgrade to the patched version immediately to mitigate risks.
Key Points: • CVE-2026-41651 allows local users to gain root access via PackageKit. • The vulnerability affects all PackageKit versions from 1.0.2 to 1.3.4. • Users should upgrade to PackageKit version 1.3.5 to mitigate the risk.