Privilege Escalation Vulnerabilities in PackageKit for Ubuntu and Debian

Severity: Medium (Score: 57.8)

Sources: Linuxsecurity

Summary

Recent security advisories reveal vulnerabilities in PackageKit affecting Ubuntu and Debian systems. Ubuntu versions 25.10, 24.04 LTS, and 22.04 LTS are impacted by a flaw that allows local attackers to install packages as root, potentially leading to privilege escalation. This issue arises from incorrect handling of transactions within PackageKit. Debian 11 (Bullseye) also faces a similar risk due to a TOCTOU race condition, which has been addressed in the latest updates.

Users are advised to upgrade their PackageKit installations to mitigate these vulnerabilities. The recommended package versions for Ubuntu and Debian have been provided in the advisories. A system reboot is necessary after applying the updates to ensure changes take effect. The vulnerabilities underscore the importance of timely updates to maintain system security.

Key Points

  • Ubuntu and Debian systems are affected by privilege escalation vulnerabilities in PackageKit.
  • Local attackers can exploit these flaws to install arbitrary packages as root.
  • Users must update their PackageKit versions and reboot systems to apply fixes.

Key Entities

  • Privilege Escalation (attack_type)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-362 - Race Condition (cwe)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • Ubuntu (company)