Home Security Decades-Old Security Vulnerabilities Found in Ubuntu’s Needrestart Package

Decades-Old Security Vulnerabilities Found in Ubuntu’s Needrestart Package

by


Nov 20, 2024Ravie LakshmananLinux / Vulnerability

Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction.

The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month, said they are trivial to exploit, necessitating that users move quickly to apply the fixes. The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014.

“These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges,” Ubuntu said in an advisory, noting they have been addressed in version 3.8. “The vulnerabilities affect Debian, Ubuntu, and other Linux distributions.”

Needrestart is a utility that scans a system to determine the services that need to be restarted after applying shared library updates in a manner that avoids a complete system reboot.

Cybersecurity

The five flaws are listed below –

  • CVE-2024-48990 (CVSS score: 7.8) – A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable
  • CVE-2024-48991 (CVSS score: 7.8) – A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter
  • CVE-2024-48992 (CVSS score: 7.8) – A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable
  • CVE-2024-11003 (CVSS score: 7.8) and CVE-2024-10224 (CVSS score: 5.3) – Two vulnerabilities that allows a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package (before version 1.36)

Successful exploitation of the aforementioned shortcomings could allow a local attacker to set specially crafted environment variables for PYTHONPATH or RUBYLIB that could result in the execution of arbitrary code pointing to the threat actor’s environment when needrestart is run.

“In CVE-2024-10224, […] attacker-controlled input could cause the Module::ScanDeps Perl module to run arbitrary shell commands by open()ing a ‘pesky pipe’ (such as by passing ‘commands|’ as a filename) or by passing arbitrary strings to eval(),” Ubuntu noted.

Cybersecurity

“On its own, this is not enough for local privilege escalation. However, in CVE-2024-11003 needrestart passes attacker-controlled input (filenames) to Module::ScanDeps and triggers CVE-2024-10224 with root privilege. The fix for CVE-2024-11003 removes needrestart’s dependency on Module::ScanDeps.”

While it’s highly advised to download the latest patches, Ubuntu said users can disable interpreter scanners in needrestart the configuration file as a temporary mitigation and ensure that the changes are reverted after the updates are applied.

“These vulnerabilities in the needrestart utility allow local users to escalate their privileges by executing arbitrary code during package installations or upgrades, where needrestart is often run as the root user,” Saeed Abbasi, product manager of TRU at Qualys, said.

“An attacker exploiting these vulnerabilities could gain root access, compromising system integrity and security.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex