Tech

Packagekit: Researchers use Claude Opus to discover dangerous 12-year-old root hole in Linux

Photo of Ahmed Riaz Ahmed Riaz Send an email 4 mins ago
0 0 2 minutes read

AI vulnerability

Security researchers discover gap in Linux with AI support. (Symbol image: Shutterstock/Ken stocker)

The AI ​​model Claude Mythos, announced at the beginning of April 2026, is said to be so good at detecting security gaps that the provider Anthropic has postponed the launch for security reasons. Until the final publication, companies from the tech and financial sectors should have the opportunity to seal their software with a preview version.

Claude Opus: Gap found using AI

Firefox provider Mozilla has discovered and patched 271 vulnerabilities in the browser with Claude Mythos Preview. With its predecessor, Claude Opus, only 22 gaps were found in the previous Firefox version. Anthropic AI Claude Opus has now also used a Red Team from Deutsche Telekom and discovered a dangerous security hole in Linux software.

Editorial recommendations

As Telekom security researchers report, the vulnerability affects various Linux distributions, such as Ubuntu, Debian, Fedora or Red Hat Enterprise Linux, in their standard settings. Specifically, it is a vulnerability in the Packagekit software, a widely used package management system.

Pack2TheRoot: Serious security vulnerability in Linux

The Telekom researchers have named the security gap “Pack2TheRoot”. It is registered in Nist’s NVD vulnerability database as CVE-2026-41651. With a CVSS value of 8.8, the vulnerability is of high severity, as Golem writes.

The package kit versions 1.0.2 to 1.3.4 are affected. Accordingly, the gap had existed since 2014, i.e. for almost twelve years. Attackers could exploit the vulnerability “to gain full root access or otherwise compromise the system,” as the researchers write.

Recommended editorial content

Here you can find external content from TargetVideo GmbHwhich complement our editorial offering on t3n.de. By clicking “Show content” you agree that we can show you content from. now and in the future TargetVideo GmbH may display on our pages. Personal data may be transmitted to third-party platforms.

Note on data protection

Packagekit update fixes vulnerability

However, the prerequisite is local access with simple usage rights. System packages could then be installed or removed using Pack2TheRoot. According to their own information, the Telekom researchers reported the security gap to the Packagekit maintainers. The Packagekit developers have now released a new version (1.3.5) that closes the dangerous gap.

(Photo: Wirestock Creators / Shutterstock.com)

From pointless security questions to insecure passwords: The stupidest security mistakes

However, the Telekom researchers are still holding back on providing further details about the vulnerability. The working exploit code is also being kept under wraps for the time being for security reasons.

Top article

Source link

Photo of Ahmed Riaz Ahmed Riaz Send an email 4 mins ago
0 0 2 minutes read
Photo of Ahmed Riaz

Ahmed Riaz

Related Articles

Symfony AI Mate with DDEV

4 hours ago

TechTicker: Outdoor-Messe Kurzeindruck, Wharfedale Heritage Center, Satechi 140-W GaN-Charger, NAD CD-Player | News

8 hours ago

Researchers obtain hydrogen from battery acid and plastic

12 hours ago

New Mac malware stays invisible – and targets credentials | News

16 hours ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close

Adblock Detected

kindly turn off ad blocker to browse freely