Описание
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-30688
- https://github.com/liske/needrestart/commit/e6e58136e1e3c92296e2e810cb8372a5fe0dbd30
- https://github.com/liske/needrestart/releases/tag/v3.6
- https://lists.debian.org/debian-lts-announce/2022/05/msg00024.html
- https://lists.debian.org/debian-security-announce/2022/msg00105.html
- https://www.debian.org/security/2022/dsa-5137
- https://www.openwall.com/lists/oss-security/2022/05/17/9
- http://seclists.org/fulldisclosure/2024/Nov/15
- http://seclists.org/fulldisclosure/2024/Nov/17
- http://www.openwall.com/lists/oss-security/2022/05/17/9
Связанные уязвимости
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege esc ...