PackageKit could be made to install packages as the administrator.
Software Description:
Details:
USN-8195-1 fixed a vulnerability in PackageKit. This update provides the
corresponding update to Ubuntu 26.04 LTS.
Original advisory details:
It was discovered that PackageKit incorrectly handled certain
transactions. A local attacker could use this issue to install arbitrary
packages as root, possibly resulting in privilege escalation.
The problem can be corrected by updating your system to the following package versions: After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-8195-2
https://ubuntu.com/security/notices/USN-8195-1
https://launchpad.net/bugs/2149908
Get the latest Linux and open source security news straight to your inbox.