现在我也不知道这频道发了啥了，各位慢慢吃瓜，将就着看联系我请去 @abc1763613206友链儿@cyberElaina@rvalue_daily@billchenlahttps://channel.0w0.besthttps://channel.0w0.best/posts/7231https://channel.0w0.best/posts/7231Wed, 22 Apr 2026 14:07:25 GMT<i><b>🔴</b></i> <mark>PackageKit</mark> 本地提权漏洞；请尽快升级至 1.3.5。<br /><br />- 修复版本 1.3.5 在约两小时前发布。<br />- <mark>PackageKit</mark> 是许多包管理器的后端，在 Ubuntu、Debian、Fedora 等发行版上被广泛应用；最早受影响版本 1.0.2 版本在 12 年前发布。<br />- 鉴于以上情况，目前大部分正在运行的 Linux 系统都受此漏洞影响，建议系统管理员在更新版本于发行版发布后及时更新。<br /><br />CVSS: 8.8/10<br />Affect: [1.0.2, 1.3.4]<br /><br />- <a href="https://github.com/PackageKit/PackageKit/security/advisories/GHSA-f55j-vvr9-69xv" target="_blank">GHSA-f55j-vvr9-69xv</a><br />- <a href="https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html" target="_blank">github.security.telekom.com/~</a><br /><br />linksrc: <a href="https://t.me/bupt_moe/2712" target="_blank">https://t.me/bupt_moe/2712</a><br /><br /><a href="/search/%23Security">#Security</a> <a href="/search/%23PackageKit">#PackageKit</a><a href="https://github.com/PackageKit/PackageKit/security/advisories/GHSA-f55j-vvr9-69xv" target="_blank"> <div>GitHub</div> <img class="link_preview_image" alt="Race condition vulnerability leads to arbitrary package installation as root" src="/static/https://cdn4.telesco.pe/file/GD_FPBUlPdNKSJj8Ze0NJMaqUIJHaKMlSqh0Y6Lqse4U3GTO9SUhc12Pbwisb5etvUHeQmWzKMX3RiqYvuiwNNKqvBZMh1BmEU25ER56u_vXKEY93QsC0F0GFBu-vH6nPPa_0U1gvb8RVzt_GcLaYjx-u-85wWjL1_F-yfvbJ0KUjGpHE7R8kCN2OuWRV3aZx95x2E8Tt3crQPEwpzdl7WwRXEocQ75k81C3GpadrSXl_yR6usd0MO7CXQZB-G8TMpFzVgWfxqcsYlG6BmT2NC5w8hdLWcROQ93Jn0BY5wpy8I1B8Dq2DnFFz6vyACmPJGuSQfAFvpdmpNq7wLQ_Zg.jpg" loading="lazy" /> <div>Race condition vulnerability leads to arbitrary package installation as root</div> <div>This report explains a vulnerability within <mark>PackageKit</mark>, that allows unprivileged user installing packages as root and thus leads to a local privilege escalation. <br /> <br />All <mark>PackageKit</mark> versions between ...</div> </a>