{"id":60423,"date":"2024-11-20T22:06:15","date_gmt":"2024-11-20T19:06:15","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/182711\/dsa-5815-1.txt"},"modified":"2024-11-20T22:06:15","modified_gmt":"2024-11-20T19:06:15","slug":"debian-security-advisory-5815-1","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/debian-security-advisory-5815-1\/","title":{"rendered":"Debian Security Advisory 5815-1"},"content":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512<\/p>\n

– ————————————————————————-
Debian Security Advisory DSA-5815-1 security@debian.org
https:\/\/www.debian.org\/security\/ Salvatore Bonaccorso
November 19, 2024 https:\/\/www.debian.org\/security\/faq
– ————————————————————————-<\/p>\n

Package : needrestart
CVE ID : CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992<\/p>\n

The Qualys Threat Research Unit discovered several local privilege
escalation vulnerabilities in needrestart, a utility to check which
daemons need to be restarted after library upgrades. A local attacker
can execute arbitrary code as root by tricking needrestart into running
the Python interpreter with an attacker-controlled PYTHONPATH
environment variable (CVE-2024-48990) or running the Ruby interpreter
with an attacker-controlled RUBYLIB environment variable
(CVE-2024-48992). Additionally a local attacker can trick needrestart
into running a fake Python interpreter (CVE-2024-48991) or cause
needrestart to call the Perl module Module::ScanDeps with
attacker-controlled files (CVE-2024-11003).<\/p>\n

Details can be found in the Qualys advisory at
https:\/\/www.qualys.com\/2024\/11\/19\/needrestart\/needrestart.txt<\/p>\n

For the stable distribution (bookworm), these problems have been fixed in
version 3.6-4+deb12u2.<\/p>\n

We recommend that you upgrade your needrestart packages.<\/p>\n

For the detailed security status of needrestart please refer to its
security tracker page at:
https:\/\/security-tracker.debian.org\/tracker\/needrestart<\/p>\n

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https:\/\/www.debian.org\/security\/<\/p>\n

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–<\/p>\n

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmc8u7BfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SWTw\/\/ZZyH3BeNHygAtvD7zi6CEOe6Ni\/1fz6RWMiKXmcRFoEPvTb5w7lg7ofj
TtpZA3Om2ydUnil+XbmaIC9O5\/dJ3+oFAtPyUHqI6aIwbr8PDhsJegVh7XW2lw3I
zou8DQrNVgTLVhYZNJ+q77HqxMYE73opIH7D5YjTY11jgqXIGzFTvuoVFdnmBKCY
wgdEUaGf0nidS58HnArIxaT2ObGFgtyfxo+mjRYhUDNuJRDe1p2v7DCs8HnZA1XG
XbVU2ueZkvyAjFi8LwfJA2+ju1CA6JHQUttm\/YiJIqXSe204UQdDpFW7fgHOMvGI
ZawWI1ohzSSVmNck4UxWZ5IxNwbFK2YNAH1XqL8NUTnhFRcUlf1i8eWJn6Tbp2jO
YZ52CsnVruAmB7o0u3fQE6YJGFtuX9dmO+\/qF6\/SXrBrqMUVxeoKGFZBGNOH2ppE
sNB4Dl6yRd6rxaDCSNMSRRSHDNJJxSBSUiyKSmQYziDpciRTgiHDlxzThv8hrCBT
osH\/63F02Ep\/gj\/QQcbL+FXpD5w6eLk6mJMRnfv+MvqzzEm0DrRA9g8v6r2lTVPT
hHEFpWuRHEtF1V6PuwMQMqIjWK\/XnoTOzylTkerQmsy0oP8BwRtDF652csyDGbSE
rO17YGPLUCH6fLbgagIUisrzq\/tfZmRcIjsUTsYLQgDGidtMccI=
=Rku5
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA512 – ————————————————————————-Debian Security Advisory DSA-5815-1 security@debian.orghttps:\/\/www.debian.org\/security\/ Salvatore BonaccorsoNovember 19, 2024 https:\/\/www.debian.org\/security\/faq– ————————————————————————- Package : needrestartCVE ID : CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992 The Qualys Threat Research Unit discovered several local privilegeescalation vulnerabilities in needrestart, a utility to check whichdaemons need to be restarted after library upgrades. A local attackercan execute arbitrary …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-60423","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60423","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=60423"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60423\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=60423"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=60423"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=60423"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}