Description
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Packages: 5 packages
Vulnerability Details (5)
- OSV: needrestart regression (2024-12-05)
- OSV: needrestart regression (2024-11-26)
- GHSA: GHSA-4696-66c4-2gvx: Qualys discovered that needrestart, before version 3... (2024-11-19)
- OSV: Several security issues were fixed in needrestart and Module::ScanDeps (2024-11-19)
- OSV: CVE-2024-48991: Qualys discovered that needrestart, before version 3... (2024-11-19)

Vendor Advisories (4)
- Ubuntu: needrestart regression (2024-12-05)
- Ubuntu: needrestart regression (2024-11-26)
- Ubuntu: needrestart and Module::ScanDeps vulnerabilities (2024-11-19)
- Debian: CVE-2024-48991: needrestart - Qualys discovered that needrestart, before version 3.8, allows local attackers t... (2024)

Threat Intelligence (5)
- Qualys: Mitigate High-Risk Vulnerabilities Using TruRisk | Qualys (2024-12-04)
- Qualys: Proactively Managing High-Risk Vulnerabilities with TruRisk Mitigate™ (2024-12-04)
- Bleepingcomputer: Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (2024-11-20)
- Qualys: Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart (2024-11-19)
- Qualys: Qualys TRU Uncovers 5 Local Privilege Escalation Flaws | Qualys (2024-11-19)