exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2024-48991

около 1 года назад

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).

CVSS3: 7.8

EPSS: Низкий

CVE-2024-48991

около 1 года назад

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).

CVSS3: 7.8

EPSS: Низкий

CVE-2024-48991

около 1 года назад

Qualys discovered that needrestart, before version 3.8, allows local a ...

CVSS3: 7.8

EPSS: Низкий

GHSA-4696-66c4-2gvx

около 1 года назад

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter).

CVSS3: 7.8

EPSS: Низкий

BDU:2024-10109

около 1 года назад

Уязвимость утилиты needrestart, связанная с конкурентным доступом к ресурсу (состояние гонки), позволяющая нарушителю выполнить произвольный код в контексте root-пользователя

CVSS3: 7.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-48991 Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).	CVSS3: 7.8	0% Низкий	около 1 года назад
CVE-2024-48991 Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).	CVSS3: 7.8	0% Низкий	около 1 года назад
CVE-2024-48991 Qualys discovered that needrestart, before version 3.8, allows local a ...	CVSS3: 7.8	0% Низкий	около 1 года назад
GHSA-4696-66c4-2gvx Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter).	CVSS3: 7.8	0% Низкий	около 1 года назад
BDU:2024-10109 Уязвимость утилиты needrestart, связанная с конкурентным доступом к ресурсу (состояние гонки), позволяющая нарушителю выполнить произвольный код в контексте root-пользователя	CVSS3: 7.8	0% Низкий	около 1 года назад

Уязвимостей на страницу