CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-48992 – Ubuntu Security Notice USN-7117-3
https://notcve.org/view.php?id=CVE-2024-48992
19 Nov 2024 — Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable. The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Py... • https://packetstorm.news/files/id/182765 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-48991 – Ubuntu Security Notice USN-7117-3
https://notcve.org/view.php?id=CVE-2024-48991
19 Nov 2024 — Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Pyt... • https://packetstorm.news/files/id/182765 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 11%CPEs: 1EXPL: 13CVE-2024-48990 – Ubuntu Security Notice USN-7117-3
https://notcve.org/view.php?id=CVE-2024-48990
19 Nov 2024 — Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running t... • https://packetstorm.news/files/id/183464 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 13%CPEs: 1EXPL: 2CVE-2024-11003 – Ubuntu Security Notice USN-7117-3
https://notcve.org/view.php?id=CVE-2024-11003
19 Nov 2024 — Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps. The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by... • https://packetstorm.news/files/id/182765 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30688 – Ubuntu Security Notice USN-5426-1
https://notcve.org/view.php?id=CVE-2022-30688
17 May 2022 — needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files. needrestart versiones 0.8 hasta 3.5 anteriores a 3.6, es propenso a una escalada de privilegios local. Las remezclas para detectar los intérpretes de Perl, Python y Ruby no están ancladas, lo que permite a un usuario local escalar priv... • http://www.openwall.com/lists/oss-security/2022/05/17/9 •