Red Hat Product Errata RHSA-2026:17560 - Security Advisory Issued: 2026-05-14 Updated: 2026-05-14 RHSA-2026:17560 - Security Advisory Overview Updated Packages Synopsis Important: PackageKit security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for PackageKit is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fix(es): PackageKit: race condition vulnerability leads to arbitrary package installation as root (CVE-2026-41651) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2460604 - CVE-2026-41651 PackageKit: race condition vulnerability leads to arbitrary package installation as root CVEs CVE-2026-41651 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM PackageKit-1.1.12-6.el8_8.1.src.rpm SHA-256: ec45249e53c94376e5883b7b064df0941a247180caaa3f2a1d173860eb4c136a x86_64 PackageKit-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 3cd5f44b7a1f269356a379339c5e08fb1f249a2debd20bc1f42f61e8df2c2e16 PackageKit-command-not-found-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 58c9d8d39d583eae00b0e1692ed1e95cc3171161231f5ad1792ee34eb55aa555 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: af5aa2bc6168fe49b2d81c8cd8c47117fe9c49e527caf20d36aea81b44e6b283 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: ea1c56930f0b53a6e048232b5c6b21eae00a3cbad91e362291322b3492d9097f PackageKit-cron-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: bc68e61be1a7107386da8b6b0356f71e5e23cc4d1b0d704d14ea9378640f94d8 PackageKit-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: b4915d966ecc0f34c9a70370acfa2d76ccb145d0241a8eed93c1851ee929943a PackageKit-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 848bd3c1ff88c96177fb2d955f0c69528571f9e3bb02682e8626545012d5c327 PackageKit-debugsource-1.1.12-6.el8_8.1.i686.rpm SHA-256: 742af8abb77ea2adb52a9578ba28014c7c4e2b1537df307a2076f9ab3f909d76 PackageKit-debugsource-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: fb195c9da8a13e366a3dad32e61d29df25b6bfee81aff5000361c2225f3c06b3 PackageKit-glib-1.1.12-6.el8_8.1.i686.rpm SHA-256: c29a2167dec4a156b226a2223235d18f7df95b76ff1be72ff154a3faa23e916d PackageKit-glib-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 214f299a2a89cdaced1ce226f69c299a18396ecba8cddbb217786f5524d357d9 PackageKit-glib-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 0ca072e48295d132bad1b6615b71bf1fd06171d699b2413bef9e105516f36bf5 PackageKit-glib-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: bd27bf02d38a87e820d0d2b2eef4f1f05f5c995cec4cb061bc458aa1df085022 PackageKit-gstreamer-plugin-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 50dc7b8bac537516b0daa13bd0fc4488d7cc0e1eb09e3cf2db1b32e03e514ae5 PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 95644640bc2aed1aa8de5215ce5f1c179e74a32bb1e1353971dbe2559c9c9280 PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 97048d5bc9f278ce9cd8b01cbb3adc399ad0b59ba4f1f055b181ecc07e1a9dfa PackageKit-gtk3-module-1.1.12-6.el8_8.1.i686.rpm SHA-256: a31f7c4aded267822f9826bb212577d6811166253a5085b722b0232ec2459069 PackageKit-gtk3-module-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: f856c8847518952c3daf1809dab5898172e7f7b92fdfa7d462bb40ae551e15af PackageKit-gtk3-module-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 4038f728f347092b96367d26cee3690fe77b31985de901fcbbcc28742a1edc54 PackageKit-gtk3-module-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 3af252f8e84752c3aae004e4793748470417f968c344fc038c1c9f9e5c951499 Red Hat Enterprise Linux Server - TUS 8.8 SRPM PackageKit-1.1.12-6.el8_8.1.src.rpm SHA-256: ec45249e53c94376e5883b7b064df0941a247180caaa3f2a1d173860eb4c136a x86_64 PackageKit-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 3cd5f44b7a1f269356a379339c5e08fb1f249a2debd20bc1f42f61e8df2c2e16 PackageKit-command-not-found-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 58c9d8d39d583eae00b0e1692ed1e95cc3171161231f5ad1792ee34eb55aa555 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: af5aa2bc6168fe49b2d81c8cd8c47117fe9c49e527caf20d36aea81b44e6b283 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: ea1c56930f0b53a6e048232b5c6b21eae00a3cbad91e362291322b3492d9097f PackageKit-cron-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: bc68e61be1a7107386da8b6b0356f71e5e23cc4d1b0d704d14ea9378640f94d8 PackageKit-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: b4915d966ecc0f34c9a70370acfa2d76ccb145d0241a8eed93c1851ee929943a PackageKit-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 848bd3c1ff88c96177fb2d955f0c69528571f9e3bb02682e8626545012d5c327 PackageKit-debugsource-1.1.12-6.el8_8.1.i686.rpm SHA-256: 742af8abb77ea2adb52a9578ba28014c7c4e2b1537df307a2076f9ab3f909d76 PackageKit-debugsource-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: fb195c9da8a13e366a3dad32e61d29df25b6bfee81aff5000361c2225f3c06b3 PackageKit-glib-1.1.12-6.el8_8.1.i686.rpm SHA-256: c29a2167dec4a156b226a2223235d18f7df95b76ff1be72ff154a3faa23e916d PackageKit-glib-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 214f299a2a89cdaced1ce226f69c299a18396ecba8cddbb217786f5524d357d9 PackageKit-glib-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 0ca072e48295d132bad1b6615b71bf1fd06171d699b2413bef9e105516f36bf5 PackageKit-glib-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: bd27bf02d38a87e820d0d2b2eef4f1f05f5c995cec4cb061bc458aa1df085022 PackageKit-gstreamer-plugin-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 50dc7b8bac537516b0daa13bd0fc4488d7cc0e1eb09e3cf2db1b32e03e514ae5 PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 95644640bc2aed1aa8de5215ce5f1c179e74a32bb1e1353971dbe2559c9c9280 PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 97048d5bc9f278ce9cd8b01cbb3adc399ad0b59ba4f1f055b181ecc07e1a9dfa PackageKit-gtk3-module-1.1.12-6.el8_8.1.i686.rpm SHA-256: a31f7c4aded267822f9826bb212577d6811166253a5085b722b0232ec2459069 PackageKit-gtk3-module-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: f856c8847518952c3daf1809dab5898172e7f7b92fdfa7d462bb40ae551e15af PackageKit-gtk3-module-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: 4038f728f347092b96367d26cee3690fe77b31985de901fcbbcc28742a1edc54 PackageKit-gtk3-module-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 3af252f8e84752c3aae004e4793748470417f968c344fc038c1c9f9e5c951499 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM PackageKit-1.1.12-6.el8_8.1.src.rpm SHA-256: ec45249e53c94376e5883b7b064df0941a247180caaa3f2a1d173860eb4c136a ppc64le PackageKit-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: df4e1fa1e05f90cbe60cb8e79cc342861d769b25165285a6f42bce3880cfaadf PackageKit-command-not-found-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 77726273139e0f6172020aa0cc0f0911b0c81f94ed462dd7516656a005b57eae PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 36046442586c9217a0792d851303eb8c561af4ab33a59a0f4f2bfc114e0a3897 PackageKit-cron-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: f551f281824ad85a49cfa471b1e8a1aa68cb882cc08b4ea3c3515d307544c095 PackageKit-debuginfo-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 38ffa617f90406ab841b44e44f6075646d494591a90ec70318f3cb11e6f76d65 PackageKit-debugsource-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 6a8cf3e1147fed20eeb23276d747bbb94c02f0c13936b95a71393d54a8ee63f5 PackageKit-glib-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: dfedce65c0a26d3170f5b36cc5998036de307b23109aad2635935ff105e2741c PackageKit-glib-debuginfo-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 7f457105f6ff9e4dcb2dd0e5d80754414a84f6459900f6703c64691bfa054470 PackageKit-gstreamer-plugin-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: a5690c8694fa53021dc0dfbbfd90578eb280ab4b6bdf08110e511445c9d45df0 PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 496bafd6d61737980943501f4eab280ee9e4dc5bcf5cda3c791684343b329377 PackageKit-gtk3-module-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: c0554dc8896f7b884beb0dd325afa0fb482e4b695ca7dc81dd92759f03b8eb0c PackageKit-gtk3-module-debuginfo-1.1.12-6.el8_8.1.ppc64le.rpm SHA-256: 60fcaf8305c45a079da6b793188adeaae0bf3d0a260230cbb90970ce4cfc9dba Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM PackageKit-1.1.12-6.el8_8.1.src.rpm SHA-256: ec45249e53c94376e5883b7b064df0941a247180caaa3f2a1d173860eb4c136a x86_64 PackageKit-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 3cd5f44b7a1f269356a379339c5e08fb1f249a2debd20bc1f42f61e8df2c2e16 PackageKit-command-not-found-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: 58c9d8d39d583eae00b0e1692ed1e95cc3171161231f5ad1792ee34eb55aa555 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.i686.rpm SHA-256: af5aa2bc6168fe49b2d81c8cd8c47117fe9c49e527caf20d36aea81b44e6b283 PackageKit-command-not-found-debuginfo-1.1.12-6.el8_8.1.x86_64.rpm SHA-256: ea1c56930f0b53a6e048232b5c6b21eae00