Ubuntu: USN-7117-1 (CVE-2024-48991): needrestart and Module::ScanDeps vulnerabilities
Description
Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003)Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224)Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990)Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991)Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992)
Solution(s)
- ubuntu-pro-upgrade-libmodule-scandeps-perl
- ubuntu-pro-upgrade-needrestart
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center