CVE-2018-1106
MEDIUM
PackageKit < 1.1.10 - Unauthenticated Package Installation via Signed Package Bypass
Title source: llm
Description
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
References (5)
Core References
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3634-1/
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2018/dsa-4207
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2018/04/23/3
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:1224
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1565992
Scores
CVSS v3
5.5
EPSS
0.0003
EPSS Percentile
8.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-287
Status
published
Products (10)
canonical/ubuntu_linux
17.10
debian/debian_linux
9.0
packagekit_project/packagekit
< 1.1.10
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_server_aus
7.6
redhat/enterprise_linux_server_eus
7.5
redhat/enterprise_linux_server_eus
7.6
redhat/enterprise_linux_server_tus
7.6
redhat/enterprise_linux_workstation
7.0
Published
Apr 23, 2018
Tracked Since
Feb 18, 2026