Debian Needrestart vulnerabilities
5 known vulnerabilities affecting debian/needrestart.
Total CVEs: 5
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 1
Vulnerabilities
CVE-2024-48990 | HIGH | CVSS 7.8 | PoC | fixed in needrestart 3.6-4+deb12u2 (bookworm) | 2024
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
Scope: local
bookworm: resolved (fixed in 3.6-4+deb12u2)
bullseye: resolved (fixed in 3.5-4+deb11u4)
forky: resolved (fixed in 3.7
CVE-2024-48992 | HIGH | CVSS 7.8 | fixed in needrestart 3.6-4+deb12u2 (bookworm) | 2024
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
Scope: local
bookworm: resolved (fixed in 3.6-4+deb12u2)
bullseye: resolved (fixed in 3.5-4+deb11u4)
forky: resolved (fixed in 3.7-3.1)
CVE-2024-48991 | HIGH | CVSS 7.8 | fixed in needrestart 3.6-4+deb12u2 (bookworm) | 2024
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3
CVE-2024-11003 | MEDIUM | CVSS 5.3 | fixed in needrestart 3.6-4+deb12u2 (bookworm) | 2024
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.
Scope: local
bookworm: resolved (fixed in 3.6-4+deb12u2)
bullseye: resolved (fixed in 3.5-4+
CVE-2022-30688 | HIGH | CVSS 7.8 | fixed in needrestart 3.6-1 (bookworm) | 2022
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
Scope: local
bookworm: resolved (fixed in 3.6-1)
bullseye: resolved (fixed in 3.5-4+deb