Dear de.NBI Cloud Tübingen users,
The Telekom Security team has found a local privilege escalation vulnerability called Pack2TheRoot (CVE-2026-41651), which affects almost all common Linux distributions.
See https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html for more details.
This warning is especially relevant if you have less trustworthy local users who can execute arbitrary code, as in a Slurm cluster.
Please do the following on your VMs and PCs:
- Check if PackageKit is installed
- If so, check for signs of compromise
- If it is installed, check if it is vulnerable and can be patched (the latest versions in recent Debian and Ubuntu releases are fixed)
- If it cannot be patched, please remove the package (you most likely do not need it)
The link above also describes how to perform the checks.
If you do find signs of compromise:
1. Uninstall the package immediately
2. Notify us
3. If possible, shut down affected VMs
4. Rotate/disable all of your potentially compromised credentials
If you have questions, contact us via denbi@zdv.uni-tuebingen.de.
Best Regards, Benjamin (on behalf of the de.NBI admin team Tübingen)
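
An added example for the first step in the message above (not part of the original message or of the linked Telekom write-up): a POSIX shell check that reports whether PackageKit is installed and in which version, so the result can be compared with your distribution's fix information. The package names `packagekit` (Debian/Ubuntu) and `PackageKit` (RPM-based), the unit name `packagekit.service` and the report format are assumptions of this example; it does not look for signs of compromise, which the linked page covers.

```shell
#!/bin/sh
# Added example: inventory check for PackageKit on one host.

# Print the version of a fully installed Debian/Ubuntu "packagekit" package.
query_dpkg() {
    command -v dpkg-query >/dev/null 2>&1 || return 1
    # Status "ii" = installed; removed-but-configured ("rc") is skipped.
    dpkg-query -W -f='${db:Status-Abbrev} ${Version}\n' packagekit 2>/dev/null |
        awk '$1 == "ii" { print $2; found = 1; exit } END { exit !found }'
}

# Print the version of the RPM "PackageKit" package (assumed name).
query_rpm() {
    command -v rpm >/dev/null 2>&1 || return 1
    v=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' PackageKit 2>/dev/null) || return 1
    printf '%s\n' "$v"
}

# Current daemon state. PackageKit is D-Bus activated, so "inactive" only
# means it is not running right now, not that it cannot be started.
daemon_state() {
    command -v systemctl >/dev/null 2>&1 || { echo unknown; return 0; }
    s=$(systemctl is-active packagekit.service 2>/dev/null) || true
    echo "${s:-unknown}"
}

# One report line per host; return status 1 means "installed, follow up".
packagekit_report() {
    if ver=$(query_dpkg); then src=dpkg
    elif ver=$(query_rpm); then src=rpm
    else
        echo "packagekit installed=no"
        return 0
    fi
    echo "packagekit installed=yes source=$src version=$ver daemon=$(daemon_state)"
    return 1
}

packagekit_report ||
    echo "PackageKit is present: check the version against your distribution's fix, or remove the package."
```
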