Home / mailings [USN-8195-1] PackageKit vulnerability
Posted on 22 April 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8195-1
April 22, 2026
packagekit vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
PackageKit could be made to install packages as the administrator.
Software Description:
- packagekit: Provides a package management service
Details:
It was discovered that PackageKit incorrectly handled certain transactions.
A local attacker could use this issue to install arbitrary packages as
root, possibly resulting in privilege escalation.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
packagekit 1.3.1-1ubuntu1.1
Ubuntu 24.04 LTS
packagekit 1.2.8-2ubuntu1.5
Ubuntu 22.04 LTS
packagekit 1.2.5-2ubuntu3.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8195-1
https://launchpad.net/bugs/2149908
Package Information:
https://launchpad.net/ubuntu/+source/packagekit/1.3.1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/packagekit/1.2.8-2ubuntu1.5
https://launchpad.net/ubuntu/+source/packagekit/1.2.5-2ubuntu3.1
--===============0133921571573700443==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
