Race Condition Vulnerability in Needrestart by Qualys
CVE-2024-48991
7.8 HIGH
What is CVE-2024-48991?
A vulnerability identified in Needrestart prior to version 3.8 can be exploited by local attackers to execute arbitrary code with root privileges. This is achieved through a race condition that allows an attacker to manipulate the system into using a malicious Python interpreter in place of the intended one. Although an initial security patch was introduced, it inadvertently created a regression that was later resolved. Users are advised to update to the latest version of Needrestart to mitigate the associated risks.
Affected Version(s)
needrestart (Linux): versions from 0 up to, but not including, 3.8