CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0217 – Packagekitd: use-after-free in idle function callback
https://notcve.org/view.php?id=CVE-2024-0217
03 Jan 2024 — A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost. Se encontró un fallo de use after free en PackageKitd. • https://access.redhat.com/security/cve/CVE-2024-0217 • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0987
https://notcve.org/view.php?id=CVE-2022-0987
28 Jun 2022 — A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists. Se ha encontrado un fallo en PackageKit en la forma en que algunos de los métodos expuestos por la interfaz de Transacción examinan los archivos. Este problema permite a un usuario local medir el tiempo que tardan los métodos en ejecutarse y saber si se pre... • https://bugzilla.redhat.com/show_bug.cgi?id=2064315 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16121 – PackageKit error messages leak presence and mimetype of files to unprivileged users
https://notcve.org/view.php?id=CVE-2020-16121
24 Sep 2020 — PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. PackageKit proporcionó mensajes de error detallados a llamadores no privilegiados que exponían información sobre la presencia de archivos y mimetype de archivos que el usuario no podría ser capaz de determinar por sí solo Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker coul... • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-16122 – Packagekit's apt backend lets user install untrusted local packages
https://notcve.org/view.php?id=CVE-2020-16122
24 Sep 2020 — PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages. El backend apt de PackageKit trató erróneamente a todas las debs locales como confiables. El modelo de seguridad de apt se basa en la confianza del repositorio y no en el contenido de archivos individuales. • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098 • CWE-269: Improper Privilege Management CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2515
https://notcve.org/view.php?id=CVE-2011-2515
27 Nov 2019 — PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. PackageKit versión 0.6.17, permite la instalación de paquetes RPM sin firmar como si estuvieran firmados, lo que puede permitir la instalación de paquetes no seguros y la ejecución de código arbitrario. • https://access.redhat.com/security/cve/cve-2011-2515 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-1106 – PackageKit: authentication bypass allows to install signed packages without administrator privileges
https://notcve.org/view.php?id=CVE-2018-1106
23 Apr 2018 — An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system. Se ha encontrado un fallo de omisión de autenticación en PackageKit, en versiones anteriores a la 1.1.10, que permite que usuarios con privilegios de administrador instalen paquetes firmados. Un atacante local puede emplear esta vulnerabilidad para inst... • http://www.openwall.com/lists/oss-security/2018/04/23/3 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-1764
https://notcve.org/view.php?id=CVE-2013-1764
16 Apr 2014 — The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method. El backend Zypper (también conocido como zypp) en PackageKit anterior a 0.8.8 permite a usuarios locales degradar paquetes a través del método "instalar actualizaciones". • http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html • CWE-264: Permissions, Privileges, and Access Controls •