CVE-2022-30688 — Improper Privilege Management in Project Needrestart

CWE-269 — Improper Privilege Management5 documents5 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 84.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Needrestart Needrestart Project Needrestart Debian Needrestart +1 more

Timeline

PublishedMay 17

Latest updateMay 18

Description

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/needrestart< needrestart 3.6-1 (bookworm)

▶NVDneedrestart_project/needrestart0.8 — 3.6

▶Debianneedrestart/needrestart< 3.5-4+deb11u1+3

Also affects: Debian Linux 10.0, 11.0, 9.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-6qgc-vw4g-mxw4: needrestart 0↗2022-05-18

▶

OSV

CVE-2022-30688: needrestart 0↗2022-05-17

▶

📋Vendor Advisories

Ubuntu

needrestart vulnerability↗2022-05-17

▶

Debian

CVE-2022-30688: needrestart - needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. R...↗2022

▶