Packagekit Project: >> Packagekit >> 1.2.4 Security Vulnerabilities
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.
CVSS Score
3.3
EPSS Score
0.0
Published
2024-01-03
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-06-28