liske/needrestart

liske/needrestart

Releases45

Frequency3 months 1 week

Last Release about 1 year ago

Stars509

Restart daemons after library updates.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-48990 ↗	Nov 19, 2024Tuesday, 19 November 2024, 18:15	7.8 HIGH	—
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
CVE-2024-48991 ↗	Nov 19, 2024Tuesday, 19 November 2024, 18:15	7.8 HIGH	—
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).
CVE-2024-48992 ↗	Nov 19, 2024Tuesday, 19 November 2024, 18:15	7.8 HIGH	—
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
CVE-2024-11003 ↗	Nov 19, 2024Tuesday, 19 November 2024, 18:15	7.8 HIGH	—
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.
CVE-2022-30688 ↗	May 17, 2022Tuesday, 17 May 2022, 19:15	7.8 HIGH	4.6 MEDIUM
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.