Trends

Security bugs found in Linux’s needrestart tool after 10 years

What happened Linux‘s needrestart tool has been found to contain security flaws that went undetected for a decade. These vulnerabilities allow unprivileged local attackers to gain root access without user interaction, making them highly dangerous. Researchers at Qualys have refused to release exploi…

AuthorTanee Shao

Reading Time2 min

PublishedNovember 22, 2024

Primary DomainN/A

Content TypeN/A

TopicN/A

EntityN/A

RegionN/A

Time HorizonN/A

ImpactN/A

ConfidenceN/A

Headline

Context

Linux ‘s needrestart tool has been found to contain security flaws that went undetected for a decade. These vulnerabilities allow unprivileged local attackers to gain root access without user interaction, making them highly dangerous. Researchers at Qualys have refused to release exploit code but describe the flaws as “alarming” and “easily exploitable,” urging admins to apply fixes immediately. The needrestart tool, which determines if a system restart is required after updates, is included in many Linux distributions, notably Ubuntu Server. The flaws are present in versions before 3.8, introduced back in 2014.

Evidence

Pending intelligence enrichment.

Analysis

Five vulnerabilities (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, CVE-2024-11003) involve issues with Python, Ruby, and Perl interpreters, allowing attackers to execute code as root. Administrators should update needrestart to version 3.8 or later or modify configurations to mitigate these issues. Also read: Web vulnerabilities: Risks to data and reputation Also read: Can encrypted data be compromised? Revealing hidden vulnerabilities

Key Points

Linux’s needrestart tool has been found to have security flaws since 2014, allowing local attackers to gain root access without user interaction.
Five vulnerabilities affecting Python, Ruby, and Perl interpreters make these flaws highly dangerous and easily exploitable.