AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
   Local Database  Slashdot   [77 / 112] RSS
 From   To   Subject   Date/Time 
Message   VRSS    All   Ubuntu Linux Impacted By Decade-Old 'needrestart' Flaw That Give   November 20, 2024
 7:20 PM   

Feed: Slashdot
Feed Link: https://slashdot.org/
---

Title: Ubuntu Linux Impacted By Decade-Old 'needrestart' Flaw That Gives Root

Link: https://it.slashdot.org/story/24/11/21/005720...

Five local privilege escalation (LPE) vulnerabilities in the Linux utility
"needrestart" -- widely used on Ubuntu to manage service updates -- allow
attackers with local access to escalate privileges to root. The flaws were
discovered by Qualys in needrestart version 0.8, and fixed in version 3.8.
BleepingComputer reports: Complete information about the flaws was made
available in a separate text file, but a summary can be found below: - CVE-
2024-48990: Needrestart executes the Python interpreter with a PYTHONPATH
environment variable extracted from running processes. If a local attacker
controls this variable, they can execute arbitrary code as root during Python
initialization by planting a malicious shared library. - CVE-2024-48992: The
Ruby interpreter used by needrestart is vulnerable when processing an
attacker-controlled RUBYLIB environment variable. This allows local attackers
to execute arbitrary Ruby code as root by injecting malicious libraries into
the process. - CVE-2024-48991: A race condition in needrestart allows a local
attacker to replace the Python interpreter binary being validated with a
malicious executable. By timing the replacement carefully, they can trick
needrestart into running their code as root. - CVE-2024-10224: Perl's
ScanDeps module, used by needrestart, improperly handles filenames provided
by the attacker. An attacker can craft filenames resembling shell commands
(e.g., command|) to execute arbitrary commands as root when the file is
opened. - CVE-2024-11003: Needrestart's reliance on Perl's ScanDeps module
exposes it to vulnerabilities in ScanDeps itself, where insecure use of
eval() functions can lead to arbitrary code execution when processing
attacker-controlled input. The report notes that attackers would need to have
local access to the operation system through malware or a compromised account
in order to exploit these flaws. "Apart from upgrading to version 3.8 or
later, which includes patches for all the identified vulnerabilities, it is
recommended to modify the needrestart.conf file to disable the interpreter
scanning feature, which prevents the vulnerabilities from being exploited,"
adds BleepingComputer.

Read more of this story at Slashdot.

---
VRSS v2.1.180528
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Slashdot  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.015 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2024 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.241108