CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0217 – Packagekitd: use-after-free in idle function callback
https://notcve.org/view.php?id=CVE-2024-0217
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost. Se encontró un fallo de use after free en PackageKitd. • https://access.redhat.com/security/cve/CVE-2024-0217 https://bugzilla.redhat.com/show_bug.cgi?id=2256624 https://github.com/PackageKit/PackageKit/commit/64278c9127e3333342b56ead99556161f7e86f79 • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0987
https://notcve.org/view.php?id=CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists. Se ha encontrado un fallo en PackageKit en la forma en que algunos de los métodos expuestos por la interfaz de Transacción examinan los archivos. Este problema permite a un usuario local medir el tiempo que tardan los métodos en ejecutarse y saber si se presenta un archivo propiedad de root o de otros usuarios • https://bugzilla.redhat.com/show_bug.cgi?id=2064315 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16121 – PackageKit error messages leak presence and mimetype of files to unprivileged users
https://notcve.org/view.php?id=CVE-2020-16121
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. PackageKit proporcionó mensajes de error detallados a llamadores no privilegiados que exponían información sobre la presencia de archivos y mimetype de archivos que el usuario no podría ser capaz de determinar por sí solo • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887 https://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-16122 – Packagekit's apt backend lets user install untrusted local packages
https://notcve.org/view.php?id=CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages. El backend apt de PackageKit trató erróneamente a todas las debs locales como confiables. El modelo de seguridad de apt se basa en la confianza del repositorio y no en el contenido de archivos individuales. • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098 • CWE-269: Improper Privilege Management CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2515
https://notcve.org/view.php?id=CVE-2011-2515
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. PackageKit versión 0.6.17, permite la instalación de paquetes RPM sin firmar como si estuvieran firmados, lo que puede permitir la instalación de paquetes no seguros y la ejecución de código arbitrario. • https://access.redhat.com/security/cve/cve-2011-2515 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2515 https://security-tracker.debian.org/tracker/CVE-2011-2515 https://www.securityfocus.com/bid/48557/info • CWE-732: Incorrect Permission Assignment for Critical Resource •