Debian Security Advisory 5815-1
Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).
Debian Security Advisory DSA-5815-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
November 19, 2024 https://www.debian.org/security/faq
Package : needrestart
CVE ID : CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992
The Qualys Threat Research Unit discovered several local privilege
escalation vulnerabilities in needrestart, a utility to check which
daemons need to be restarted after library upgrades. A local attacker
can execute arbitrary code as root by tricking needrestart into running
the Python interpreter with an attacker-controlled PYTHONPATH
environment variable (CVE-2024-48990) or running the Ruby interpreter
with an attacker-controlled RUBYLIB environment variable
(CVE-2024-48992). Additionally a local attacker can trick needrestart
into running a fake Python interpreter (CVE-2024-48991) or cause
needrestart to call the Perl module Module::ScanDeps with
attacker-controlled files (CVE-2024-11003).
Details can be found in the Qualys advisory at
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
For the stable distribution (bookworm), these problems have been fixed in
version 3.6-4+deb12u2.
We recommend that you upgrade your needrestart packages.
For the detailed security status of needrestart please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/needrestart
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
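To check a bookworm host against the fixed version named in the advisory, the installed version string has to be compared with Debian's version ordering, not as plain text. The following is an added example, not part of the Debian advisory or of needrestart; the function names are hypothetical and the sample versions other than 3.6-4+deb12u2 are constructed.

```python
import re

FIXED_BOOKWORM = "3.6-4+deb12u2"  # fixed version stated in DSA-5815-1 (bookworm only)
DIGITS = "0123456789"

def _order(ch):
    """Sort weight of one character inside a non-digit run."""
    if ch == "~":
        return -1                  # tilde sorts before everything, even end of string
    if ch == "" or ch in DIGITS:
        return 0                   # end of string or start of a digit run
    return ord(ch) if ch.isalpha() else ord(ch) + 256  # letters sort before symbols

def _cmp_part(a, b):
    """Compare two upstream_version or debian_revision strings (<0, 0, >0)."""
    i = j = 0
    while i < len(a) or j < len(b):
        # 1. Non-digit run: compare character by character using _order().
        while (i < len(a) and a[i] not in DIGITS) or (j < len(b) and b[j] not in DIGITS):
            diff = _order(a[i:i + 1]) - _order(b[j:j + 1])
            if diff:
                return diff
            i, j = i + 1, j + 1
        # 2. Digit run: compare numerically (an empty run counts as 0).
        da = re.match(r"[0-9]*", a[i:]).group()
        db = re.match(r"[0-9]*", b[j:]).group()
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
        i, j = i + len(da), j + len(db)
    return 0

def _split(version):
    """Split a version into (epoch, upstream_version, debian_revision)."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def compare(v1, v2):
    """Return <0, 0 or >0 following Debian version ordering."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    return (e1 - e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def is_fixed(installed, fixed=FIXED_BOOKWORM):
    """True when the installed version is at or above the fixed version."""
    return compare(installed, fixed) >= 0

if __name__ == "__main__":
    # Constructed samples; on a host, feed in: dpkg-query -W -f='${Version}' needrestart
    for v in ["3.6-4", "3.6-4+deb12u1", "3.6-4+deb12u2", "3.10-1"]:
        print(v, "fixed" if is_fixed(v) else "older than the fix")
```

The comparison is only meaningful for bookworm, the one suite for which the advisory gives a fixed version.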
Related news
About Elevation of Privilege – needrestart (CVE-2024-48990) vulnerability. On November 19, Qualys released a security bulletin about five privilege escalation vulnerabilities in the needrestart utility (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003) used in Ubuntu Server, starting with version 21.04. The needrestart utility runs automatically after APT operations (installing, updating, or removing packages). It checks if […]
Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.
Qualys discovered that needrestart suffers from multiple local privilege escalation vulnerabilities that allow for root access from an unprivileged user.
Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.