Unsanitized Data Passing in Needrestart Could Allow Local Attack
CVE-2024-11003

7.8 HIGH

Key Information:

Vendor
CVE Published: 19 November 2024

Badges

👾 Exploit Exists | 🟡 Public PoC | 🟣 EPSS 11% | 📰 News Worthy

What is CVE-2024-11003?

Needrestart versions prior to 3.8 are exposed to command injection. The flaw arises because unsanitized input is passed to the Modules::ScanDeps library, which is designed to process only safe data. A local attacker who exploits this vulnerability could execute arbitrary shell commands, compromising the integrity of the system. For more information, refer to the related advisory references and patches.

Affected Version(s)

needrestart (Linux): 0 < 3.8

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Ubuntu affected by 10-year-old flaws in needrestart package

The five vulnerabilities could lead to local privilege escalation without user interaction.

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package

Critical Ubuntu needrestart flaws allow local root privilege escalation; update immediately to safeguard systems.

EPSS Score

11% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • 📰 First article discovered by The Hacker News
  • Vulnerability published
  • Vulnerability Reserved

Credit

Qualys
Thomas Liske
Mark Esler