CVE-2026-41651

HIGH LAB

PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 11 public exploits for CVE-2026-41651. PoCs published by Vozec, adminlove520, dinosn.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2026-41651, a TOCTOU race condition in PackageKit's transaction handler, allowing local privilege escalation to root. The exploit leverages a chain of three bugs to bypass authentication and install arbitrary packages as root.

Description

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5. A local unprivileged user can install arbitrary RPM packages as root, including executing RPM scriptlets, without authentication. The vulnerability is a TOCTOU race condition on `transaction->cached_transaction_flags` combined with a silent state-machine guard that discards illegal backward transitions while leaving corrupted flags in place. Three bugs exist in `src/pk-transaction.c`: 1. Unconditional flag overwrite (line 4036): `InstallFiles()` writes caller-supplied flags to `transaction->cached_transaction_flags` without checking whether the transaction has already been authorized/started. A second call blindly overwrites the flags even while the transaction is RUNNING. 2. Silent state-transition rejection (lines 873–882): `pk_transaction_set_state()` silently discards backward state transitions (e.g. `RUNNING` → `WAITING_FOR_AUTH`) but the flag overwrite at step 1 already happened. The transaction continues running with corrupted flags. 3. Late flag read at execution time (lines 2273–2277): The scheduler's idle callback reads cached_transaction_flags at dispatch time, not at authorization time. If flags were overwritten between authorization and execution, the backend sees the attacker's flags.

Exploits (11)

nomisec WORKING POC 6 stars
by Vozec · poc
https://github.com/Vozec/CVE-2026-41651

This repository contains a functional exploit for CVE-2026-41651, a TOCTOU race condition in PackageKit's transaction handler, allowing local privilege escalation to root. The exploit leverages a chain of three bugs to bypass authentication and install arbitrary packages as root.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: PackageKit versions 1.0.2 to 1.3.4
No auth needed
Prerequisites: Local access to a vulnerable system · PackageKit daemon running
devstral-2 · analyzed Apr 24, 2026 Full analysis →
github WORKING POC 4 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2026/CVE-2026-41651

This repository contains a functional privilege escalation exploit for CVE-2026-41651, targeting a race condition in PackageKit. The exploit leverages D-Bus calls to manipulate package installations, resulting in a SUID binary creation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit (version not specified, likely 1.3.1-1 based on Dockerfile)
No auth needed
Prerequisites: D-Bus access · PackageKit service running · dpkg-deb available
devstral-2 · analyzed May 17, 2026 Full analysis →
nomisec WORKING POC 2 stars
by dinosn · poc
https://github.com/dinosn/pack2theroot-lab

This repository contains a functional exploit for CVE-2026-41651, a local privilege escalation vulnerability in PackageKit. The exploit leverages a TOCTOU race condition in the D-Bus transaction handling to achieve root access.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: PackageKit versions >= 1.0.2 and <= 1.3.4
No auth needed
Prerequisites: Local unprivileged shell on a host running vulnerable PackageKit
devstral-2 · analyzed Apr 25, 2026 Full analysis →
github WORKING POC
by Lutfifakee-Project · cpoc
https://github.com/Lutfifakee-Project/CVE-2026-41651

This repository contains a functional exploit for CVE-2026-41651, a TOCTOU (Time-Of-Check to Time-Of-Use) race condition vulnerability in PackageKit. The exploit leverages a race condition to bypass polkit authorization checks and achieve local privilege escalation by installing a malicious .deb package with a root-owned post-installation script.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit versions 1.0.2 to 1.3.4
No auth needed
Prerequisites: local access to a vulnerable system · PackageKit installed and running · Debian/Ubuntu-based system for .deb package compatibility
devstral-2 · analyzed May 20, 2026 Full analysis →
nomisec WORKING POC
by mawussid · poc
https://github.com/mawussid/CVE-2026-41651-Python

This repository contains a functional local privilege escalation (LPE) exploit for CVE-2026-41651, targeting a TOCTOU race condition in PackageKit versions 1.0.2 to 1.3.4. The exploit leverages D-Bus communication to bypass polkit authentication and execute arbitrary commands as root via a malicious postinst script in a crafted .deb package.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit (versions 1.0.2 to 1.3.4)
No auth needed
Prerequisites: Local access to the target system · PackageKit daemon running · D-Bus access
devstral-2 · analyzed May 07, 2026 Full analysis →
github WORKING POC
by aexdyhaxor · pythonpoc
https://github.com/aexdyhaxor/CVE-2026-41651

This repository contains a functional privilege escalation exploit for CVE-2026-41651, targeting a TOCTOU (Time-of-Check Time-of-Use) vulnerability in PackageKit. The exploit leverages D-Bus calls to manipulate transaction states, allowing an attacker to escalate privileges by installing a malicious package with SUID permissions.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit (specific version not specified)
No auth needed
Prerequisites: Python 3 with gi.repository (Gio, GLib) · PackageKit installed · dpkg-deb or rpmbuild for package creation · Writable directory supporting SUID and exec
devstral-2 · analyzed May 03, 2026 Full analysis →
github WORKING POC
by shibaaa204 · cpoc
https://github.com/shibaaa204/Pack2TheRoot

This repository contains a functional privilege escalation exploit for CVE-2026-41651, targeting a race condition in PackageKit via D-Bus calls to install malicious DEB packages. The exploit creates a SUID root shell by leveraging a TOCTOU (Time-of-Check Time-of-Use) vulnerability in the package installation process.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit (packagekit=1.3.1-1)
No auth needed
Prerequisites: D-Bus access · PackageKit service running · dpkg-deb available
devstral-2 · analyzed Apr 29, 2026 Full analysis →
nomisec WORKING POC
by baph00met · poc
https://github.com/baph00met/CVE-2026-41651

This repository contains a functional exploit for CVE-2026-41651, a TOCTOU race condition in PackageKit that allows local privilege escalation to root. The exploit leverages a D-Bus race condition to overwrite transaction parameters and execute arbitrary code as root.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit ≤ 1.3.4
No auth needed
Prerequisites: Unprivileged local access · PackageKit ≤ 1.3.4 installed · D-Bus access
devstral-2 · analyzed Apr 24, 2026 Full analysis →
nomisec SCANNER
by 0xBlackash · poc
https://github.com/0xBlackash/CVE-2026-41651

The repository contains a safe vulnerability checker for CVE-2026-41651, a TOCTOU race condition in PackageKit, which detects vulnerable versions but does not exploit the vulnerability.

Classification
Scanner 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: PackageKit versions 1.0.2 to 1.3.4
No auth needed
Prerequisites: local access to the target system · PackageKit installed
devstral-2 · analyzed Apr 24, 2026 Full analysis →
nomisec WORKING POC
by CipherCloak · poc
https://github.com/CipherCloak/CVE-2026-41651

The repository contains functional exploit code for CVE-2026-41651, a privilege escalation vulnerability in PackageKit. The exploit leverages a race condition in D-Bus transactions to install a malicious package with a post-install script that sets the SUID bit on /bin/bash, granting root access.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: PackageKit (specific version not specified)
No auth needed
Prerequisites: dpkg-deb · PackageKit running with D-Bus interface accessible · ability to create files in /tmp
devstral-2 · analyzed Apr 24, 2026 Full analysis →

References (6)

Core 6
Core References

Scores

CVSS v3 8.8
EPSS 0.0015
EPSS Percentile 36.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Lab Environment

COMMUNITY
Community Lab
docker pull pack2theroot-lab/vulnerable:latest
docker pull pack2theroot-lab/patched:latest
docker pull pack2theroot-lab/exploit:latest
+11 more repos

Details

CWE
CWE-367
Status published
Products (2)
PackageKit/PackageKit >= 1.0.2, <= 1.3.4
packagekit_project/packagekit 1.0.2 - 1.3.5
Published Apr 22, 2026
Tracked Since Apr 22, 2026