CVE-2024-48990

Published Nov 19, 2024

Last updated 3 months ago

Overview

Description
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
Source: security@ubuntu.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-427

Social media

Hype score
Not currently trending
  1. Linux LPE via Needrestart (CVE-2024-48990) allows local attackers to gain root access by exploiting improper handling of the PYTHONPATH variable in versions prior to 3.8. #CVE2024 #Linux #LPE https://t.co/B8KRDjioDq

    @RootOps_

    5 Jan 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Apache Tomcat RCE https://t.co/biOW1jOz6G 2. CVE-2024-48990: Qualys needrestart <3.8 - Uncontrolled Search Path Element https://t.co/pKVKT2PM7r

    @ShaiiikShoaiiib

    24 Dec 2024

    196 Impressions

    0 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  3. #exploit 1. CVE-2024-50379: Apache Tomcat RCE https://t.co/WAsPq9YMAW 2. CVE-2024-48990: Qualys needrestart <3.8 - Uncontrolled Search Path Element https://t.co/TrNdynfKau

    @ksg93rd

    23 Dec 2024

    224 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Vulnerabilities in Ubuntu's needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, CVE-2024-11003) https://t.co/jdRGYKBJWD

    @01Programing

    25 Nov 2024

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Vulnerabilities in Ubuntu's needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, CVE-2024-11003) | Security News https://t.co/Cm1CuKHnqf

    @01ra66it

    25 Nov 2024

    233 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. GitHub - makuga01/CVE-2024-48990-PoC: PoC for CVE-2024-48990 https://t.co/xCVnpcBojh

    @akaclandestine

    24 Nov 2024

    1081 Impressions

    2 Retweets

    2 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  7. Actively exploited CVE : CVE-2024-48990

    @transilienceai

    24 Nov 2024

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  8. CVE-2024-48990: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. https://t.co/0bp0fZTQ1P https

    @cyber_advising

    23 Nov 2024

    720 Impressions

    0 Retweets

    7 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  9. GitHub - makuga01/CVE-2024-48990-PoC: PoC for CVE-2024-48990 - https://t.co/OMGxkSLSIS

    @piedpiper1616

    22 Nov 2024

    1990 Impressions

    13 Retweets

    27 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

  10. Ubuntu 25.04 Plucky Puffin and needrestart vulnerabilities Tech, CVE-2024-48990, cybersecurity, GNOME 48, Linux Kernel 6.14, needrestart, Plucky Puffin, Ubuntu 25.04, vulnerabilities https://t.co/9V8nBaEREJ https://t.co/sTcVUZ2vME

    @matricedigitale

    21 Nov 2024

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Canonical’s security team has released updates for the needrestart and libmodule-scandeps-perl packages for all Ubuntu releases. The updates remediate CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991 and CVE-2024-48992. Learn more on the blog https://t.co/vjtSFyCpCK

    @ubuntu

    21 Nov 2024

    6943 Impressions

    15 Retweets

    74 Likes

    6 Bookmarks

    0 Replies

    1 Quote

  12. CVE-2024-48990 and other: Multiple vulns in Needrestart utility for Ubuntu, 5.3 - 7.8 rating❗️ Five vulns allow LPE to be carried out on machines running Ubuntu OS. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/YW9lwDxQUw #cybersecurity #vulnerability_map #ubuntu ht

    @Netlas_io

    21 Nov 2024

    348 Impressions

    1 Retweet

    6 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Great catch(es) with CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 by @qualys in “needrestart” v0.8 in Ubuntu Linux 21.04. Needrestart v3.8 patches all five. Released yesterday. Full text of the Qualys advisory at https://t.co/Jl3HFVKjQw

    @Sujeet

    20 Nov 2024

    93 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 5 Privilege Escalation Flaws Found in #Ubuntu's Default Utility, #needrestart CVEs CVE-2024-48990, CVE-2024-48991, CVE-2024-48992 These flaws can be exploited by any unprivileged user to gain full root access without requiring user interaction https://t.co/OcI2NlXn53

    @the_yellow_fall

    20 Nov 2024

    766 Impressions

    9 Retweets

    21 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  15. Was going to let that just be a tweet but it turned into a full blown blogpost - Servers NeedRestart - The Problem with CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 https://t.co/TBrlK4XeBb

    @nanovms

    20 Nov 2024

    189 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CVE-2024-48990 CVE-2024-48991 CVE-2024-48992 CVE-2024-10224 and CVE-2024-11003 - all probably affecting your ubuntu servers - this is a perfect example of why you should be using unikernels - WTF would you allow some perl to run as root if you yourself don't code in perl? https:

    @nanovms

    19 Nov 2024

    293 Impressions

    0 Retweets

    6 Likes

    0 Bookmarks

    0 Replies

    1 Quote