Your submission was sent successfully! Close

USN-3634-1: PackageKit vulnerability

24 April 2018

PackageKit could be made to install or run programs as an administrator.



  • packagekit - Provides a package management service


Matthias Gerstner discovered that PackageKit incorrectly handled
authentication. A local attacker could possibly use this issue to install
arbitrary packages and escalate privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.10

After a standard system update you need to reboot your computer to make
all the necessary changes.