Critical Vulnerability Exposes Linux Systems To Root-Level Takeover
https://www.linkedin.com/pulse/critical-vulnerability-exposes-linux-systems-root-level-dyz9e
Publish Date: 2026-04-25 13:00:00
Source Domain: www.linkedin.com
A newly disclosed security flaw affecting Linux systems has raised fresh concerns about the integrity of core package management infrastructure, after researchers revealed that a vulnerability lurking for over a decade could allow attackers to escalate privileges and gain root-level control.
The flaw, dubbed “Pack2TheRoot,” has been formally tracked as CVE-2026-41651 and impacts the widely deployed PackageKit daemon—a background service responsible for managing software installation, updates, and removal across many Linux distributions. Despite being rated “medium severity,” the vulnerability carries a CVSS score of 8.8 out of 10, reflecting its potentially serious impact when exploited under the right conditions.
A 12-Year-Old Weakness in a Core Linux Component
Security researchers from the Deutsche Telekom Red Team uncovered the flaw during an internal investigation into how PackageKit processes package management requests. Their findings indicate that the vulnerability has existed since at least PackageKit version 1.0.2, released in November 2014, and remained undetected through subsequent versions up to 1.3.4.
PackageKit plays a central role in many Linux environments by acting as an abstraction layer between graphical software centers, command-line tools, and underlying package managers such as APT or DNF. Because it often runs with elevated privileges, any flaw in its logic can have far-reaching consequences.
According to the researchers, the issue stems from how PackageKit handles certain command execution pathways. Under specific conditions—particularly observed in Fedora environments—commands such as pkcon install…