CVE-2026-41651 — PackageKit local root exploit

PackageKit <=1.3.4 contains a time-of-check/time-of-use flaw that can let a local user install or remove arbitrary packages, yielding local root privilege escalation on many Linux systems.

The vulnerability disclosure and fix release were announced on 2026-04-22, including 1.3.5 as the fixed upstream release.

When to use it

  • A Linux host, desktop image, workstation baseline, CI image, golden image, or package recipe installs PackageKit.
  • Untrusted local users, developers, CI jobs, classroom users, contractors, or support sessions can execute local code on the target system.
  • Distro backports make upstream version checks insufficient.
  • You need a bounded PR or triage note that updates host/image package state and records restart or rebuild actions.

Inputs

  • Package manifests, image build recipes, provisioning scripts, Ansible/Chef, Terraform, cloud-init, desktop baselines, package mirrors, SBOMs, and host inventory evidence.
  • Distro advisory status, installed PackageKit build, package channel, and backport metadata.
  • Local-user exposure model for workstations, shared hosts, CI/build runners, lab images, and support environments.
  • Available image build, provisioning, package policy, SBOM, deploy, and security scan commands.

Affected versions

  • Vulnerable: PackageKit <=1.3.4 (unless distro-backported patch exists)
  • Fixed: PackageKit 1.3.5+ or distro package with equivalent backport

Indicator-of-exposure

  • Host has PackageKit installed at vulnerable version.
  • Untrusted local users can execute local code (multi-user desktop, shared host, or shell access for low-privileged users).

Quick checks:

pkcon --version || packagekitd --version
apt-cache policy packagekit
dnf info PackageKit
rpm -q PackageKit

Remediation strategy

  • Upgrade PackageKit to 1.3.5+ or distro-patched package.
  • Reboot or restart PackageKit-related services after patching.
  • For sensitive systems, reduce local untrusted execution paths until all hosts are patched.

The prompt

You are remediating CVE-2026-41651 (PackageKit TOCTOU local root exploit).
Produce exactly one output:

- A PR/change request that upgrades PackageKit to a fixed release and includes
  operator actions, or
- TRIAGE.md if upgrade cannot currently be completed.

## Constraints

- Scope only this CVE.
- Respect distro-specific backports; do not assume upstream version string is
  the only truth.
- Do not auto-merge.

## Steps

1. Detect PackageKit version on target image/host build recipe.
2. Check distro advisory/package metadata for a patched build.
3. If vulnerable:
   - Update package source/version to patched PackageKit (`>=1.3.5` or distro
     equivalent).
   - Include required service restart/reboot instructions for operator.
4. Add a short risk note if host is multi-user and was exposed to untrusted
   local users.
5. Validate provisioning scripts or image build succeeds.
6. Output PR title:
   `fix(sec): remediate CVE-2026-41651 (PackageKit)`.

## Stop conditions

- No patched package is available in the target distro channel.
- Target system does not include PackageKit.
- Build/test failures are unrelated and pre-existing.

Verification — what the reviewer looks for

  • Target package now resolves to patched PackageKit build.
  • Build/deploy pipeline for image or host config still passes.
  • PR body documents restart/reboot action and local-user risk context.

Output contract

  • Reviewer-ready PR updating PackageKit to 1.3.5+ or a distro-confirmed patched backport in all controlled host/image recipes.
  • Evidence that provisioning, image build, package policy, and SBOM outputs no longer resolve a vulnerable PackageKit build.
  • Operator notes for service restart or reboot, golden image rebuild, local-user exposure, and any hosts requiring manual rollout.
  • TRIAGE.md when a patched package is unavailable, the target does not include PackageKit, or ownership sits outside this repository.

Watch for

  • Distro backports where the package version string remains below 1.3.5 but the vendor advisory marks the build fixed.
  • Desktop or workstation images that install PackageKit indirectly through a package-management GUI.
  • Treating single-user developer laptops and shared CI/build hosts the same; local privilege-escalation risk depends heavily on who can run local code.
  • Forgetting to restart PackageKit-related services or rebuild golden images after updating the package source.

References