Critical Ubuntu Flaw Lets Attackers Gain Root Access Through 10-Year-Old Bug

– Multiple serious security vulnerabilities have been discovered in the needrestart package, a default component in Ubuntu Server since version 21.04

– These flaws have existed since 2014 and affect Debian, Ubuntu, and other Linux distributions

– The vulnerabilities allow local attackers to gain root privileges without user interaction

Technical Details:

Five major vulnerabilities have been identified:

1. CVE-2024-48990 (CVSS 7.8): Python interpreter exploitation via PYTHONPATH

2. CVE-2024-48991 (CVSS 7.8): Root code execution through fake Python interpreter

3. CVE-2024-48992 (CVSS 7.8): Ruby interpreter exploitation via RUBYLIB

4. CVE-2024-11003 (CVSS 7.8) and CVE-2024-10224 (CVSS 5.3): Root shell command execution through a vulnerability in libmodule-scandeps-perl

Impact:

– Attackers can execute arbitrary code with root privileges

– System integrity and security can be completely compromised

– Affects package installations and upgrades

Remediation:

1. Update to needrestart version 3.8 immediately

2. Temporary mitigation: Disable the interpreter scanners in the needrestart configuration until the update can be applied

3. Ensure all patches are applied promptly
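The following audit helper is an added example, not code from the article or from the needrestart project. It checks the two remediation steps above on a Debian/Ubuntu host: whether the installed needrestart is at least the fixed 3.8 release, and, if not, whether the temporary mitigation (an uncommented `$nrconf{interpscan} = 0;` line in needrestart.conf, the setting that disables the interpreter scanners) is in place. The version string and config path are passed in as arguments so it can run offline.

```shell
#!/bin/sh
# Added example (not from the article or the needrestart project).
# Assumes the Debian/Ubuntu layout: /etc/needrestart/needrestart.conf
# and a dpkg version string such as "3.6-7ubuntu4".

# Return 0 when the installed version is at least the fixed upstream
# release 3.8. Only the leading numeric major.minor is compared; any
# epoch and the Debian revision suffix are stripped first.
needrestart_version_is_fixed() {
    nr_ver=$(printf '%s' "$1" | sed 's/^[0-9]*://; s/[^0-9.].*//')
    nr_major=${nr_ver%%.*}
    [ -n "$nr_major" ] || return 1
    case $nr_ver in
        *.*) nr_minor=${nr_ver#*.}; nr_minor=${nr_minor%%.*} ;;
        *)   nr_minor=0 ;;
    esac
    [ "$nr_major" -gt 3 ] && return 0
    [ "$nr_major" -eq 3 ] && [ "$nr_minor" -ge 8 ] && return 0
    return 1
}

# Return 0 when the config file carries the temporary mitigation: an
# uncommented "$nrconf{interpscan} = 0;" line. The file is Perl, so a
# leading "#" comments the line out and does NOT count as applied.
interpscan_disabled() {
    grep -Eq '^[[:space:]]*\$nrconf\{interpscan\}[[:space:]]*=[[:space:]]*0[[:space:]]*;' "$1"
}

# Combine both checks. Exit 0 if the host is fixed or mitigated, 1 otherwise.
audit_needrestart() {
    if needrestart_version_is_fixed "$1"; then
        echo "needrestart $1: fixed release (>= 3.8)"
        return 0
    fi
    if [ -r "$2" ] && interpscan_disabled "$2"; then
        echo "needrestart $1: vulnerable version, but interpreter scanners are disabled in $2"
        return 0
    fi
    echo "needrestart $1: VULNERABLE - update to 3.8 or set \$nrconf{interpscan} = 0; in $2"
    return 1
}

# Typical invocation on a Debian/Ubuntu host:
#   audit_needrestart "$(dpkg-query -W -f='${Version}' needrestart)" /etc/needrestart/needrestart.conf
```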

The Qualys Threat Research Unit emphasizes these vulnerabilities are easily exploitable, making immediate action crucial for system security.