Description
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9Attack Vector: Local
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Affected Packages5 packages
🔴Vulnerability Details
5OSVneedrestart regression↗2024-12-05 OSVneedrestart regression↗2024-11-26 GHSAGHSA-xmgx-2283-p55h: Qualys discovered that needrestart, before version 3↗2024-11-19 OSVSeveral security issues were fixed in needrestart and Module::ScanDeps↗2024-11-19 OSVCVE-2024-48992: Qualys discovered that needrestart, before version 3↗2024-11-19 📋Vendor Advisories
4Ubuntuneedrestart regression↗2024-12-05 Ubuntuneedrestart regression↗2024-11-26 Ubuntuneedrestart and Module::ScanDeps vulnerabilities↗2024-11-19 DebianCVE-2024-48992: needrestart - Qualys discovered that needrestart, before version 3.8, allows local attackers t...↗2024 🕵️Threat Intelligence
5QualysMitigate High-Risk Vulnerabilities Using TruRisk | Qualys↗2024-12-04 QualysProactively Managing High-Risk Vulnerabilities with TruRisk Mitigate™↗2024-12-04 BleepingcomputerUbuntu Linux impacted by decade-old 'needrestart' flaw that gives root↗2024-11-20 QualysQualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart↗2024-11-19 QualysQualys TRU Uncovers 5 Local Privilege Escalation Flaws | Qualys↗2024-11-19