{"id":235270,"date":"2026-04-24T15:48:00","date_gmt":"2026-04-24T19:48:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/24\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges\/"},"modified":"2026-04-24T17:05:10","modified_gmt":"2026-04-24T21:05:10","slug":"12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/24\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges\/","title":{"rendered":"12-year-old Pack2TheRoot bug lets Linux users gain root privileges"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/191231\/security\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges.html\">12-year-old Pack2TheRoot bug lets Linux users gain root privileges<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191231\/security\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges.html\">https:\/\/securityaffairs.com\/191231\/security\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-24 15:48:00<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p><h2>12-year-old Pack2TheRoot bug lets Linux users gain root privileges<\/h2>\n<\/p>\n<p>\t\t\t\t\t\t\t<span> Pierluigi Paganini<\/span><br \/>\n\t\t\t\t\t\t\t<span><img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> April 24, 2026<\/span><\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2026\/04\/image-78.png?fit=762%2C837&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">\u2018Pack2TheRoot\u2019 flaw lets local Linux users gain root via PackageKit. 
CVE-2026-41651 (8.8) has existed for nearly 12 years.<\/h2>\n<p>The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users install or remove system packages without authorization, potentially gaining full root access.<\/p>\n<p>The vulnerability is rated high severity, with a CVSS score of 8.8, and has existed for nearly 12 years.<\/p>\n<p>Discovered by Deutsche Telekom\u2019s Red Team, it stems from PackageKit allowing commands like \u201cpkcon install\u201d to run without a password on some systems. Researchers used AI (Claude Opus) to explore the issue, confirmed it manually, and responsibly disclosed it to maintainers, who validated the flaw.<\/p>\n<p>\u201cToday we publicly disclose a high-severity vulnerability (CVSS 3.1: 8.8) \u2013 in coordination with distro maintainers \u2013 that affects multiple Linux distributions in their default installations. The Pack2TheRoot vulnerability can be exploited by any local unprivileged user to obtain root access on a vulnerable system,\u201d reads the advisory published by Deutsche Telekom. \u201cThe vulnerability lies in the\u00a0PackageKit daemon, a cross-distro package management abstraction layer.\u201d<\/p>\n<p>Details of the Pack2TheRoot flaw were disclosed alongside a fix in PackageKit 1.3.5, though exploit code was withheld to allow patching. Deutsche Telekom researchers found that PackageKit could run commands like \u201cpkcon install\u201d without authentication in some cases on Fedora, enabling package installation. The researchers used the Claude Opus AI tool to explore this behavior further and identified the vulnerability as CVE-2026-41651.<\/p>\n<p>All PackageKit versions from 1.0.2 to 1.3.4 are vulnerable, affecting many Linux distributions for over 12 years. 
Tested systems include Ubuntu, Debian, Fedora, and Rocky Linux, and others&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191231\/security\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>12-year-old Pack2TheRoot bug lets Linux users gain root privileges https:\/\/securityaffairs.com\/191231\/security\/12-year-old-pack2theroot-bug-lets-linux-users-gain-root-privileges.html Publish Date: 2026-04-24 15:48:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":235271,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2026\/04\/image-78.png","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,91,31,97,89,71,112,57,79,27],"class_list":["post-235270","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-debian","tag-exploit","tag-fedora","tag-flaw","tag-linux","tag-rocky-linux","tag-security","tag-ubuntu","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235270"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=235270"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235270\/revisions"}],"predecessor-version":[{"id":235272,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235270\/revisions\/235272"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-j
son\/wp\/v2\/media\/235271"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=235270"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=235270"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=235270"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}