Ubuntu patches needrestart security vulnerability

By Paul Hill

Ubuntu patches needrestart security vulnerability

Canonical, the company behind Ubuntu, has announced that its security team has released updates that fix vulnerabilities in the needrestart and libmodule-scandeps-perl packages found by Qualys.

These packages have been installed by default in Ubuntu since Ubuntu 21.04 so it's important to install these updates.

Providing background on these vulnerabilities, Canonical says they allow Local Privilege Escalation (LPE) which means that a local attacker can use them to gain root privileges and do anything they like to the system. Explaining the specifics, the Ubuntu maker says:

"In CVE-24024-48991 a local attacker can control the Python interpreter by winning a time-of-check time-of-use race condition against needrestart.

In CVE-2024-10224, Qualys discovered that attacker-controlled input could cause the Module::ScanDeps Perl module to run arbitrary shell commands by open()ing a "pesky pipe" (such as by passing "commands|" as a filename) or by passing arbitrary strings to eval(). On its own, this is not enough for local privilege escalation. However, in CVE-2024-11003 needrestart passes attacker-controlled input (filenames) to Module::ScanDeps and triggers CVE-2024-10224 with root privilege. The fix for CVE-2024-11003 removes needrestart's dependency on Module::ScanDeps."

The impacted versions are Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10 - that goes for the server and desktop installations. Previous releases may also be affected if you've installed the needrestart package.

To check if you are impacted, you can run the following command:

apt list --installed | grep "^\(needrestart\|libmodule-scandeps-perl\)"

If you have needrestart below 3.5-5ubuntu2.1 on 22.04, 3.6-7ubuntu4.1 on 24.04, or 3.6-8ubuntu4 on 24.10, you need to update the package. To upgrade these packages specifically, use the following command:

sudo apt update && sudo apt install --only-upgrade needrestart libmodule-scandeps-perl

It should go without saying, but if you're using an internet-connected computer, it's important to regularly install available updates for your computer so that attackers cannot exploit vulnerabilities.

Source: Ubuntu

Previous articleNext article

POPULAR CATEGORY

entertainment

10820

discovery

4828

multipurpose

11212

athletics

11402