– These flaws have been present in needrestart since 2014 and affect Debian, Ubuntu, and every other distribution that ships the package
– The vulnerabilities allow any unprivileged local user to gain root privileges without user interaction; needrestart runs as root and is triggered automatically by APT after package installs and upgrades
Technical Details:
Five vulnerabilities have been identified (four in needrestart, one in the libmodule-scandeps-perl library it calls):
1. CVE-2024-48990 (CVSS 7.8): needrestart runs the Python interpreter with the PYTHONPATH environment variable taken from a running process, so a local attacker's process can make it load a malicious shared library as root
2. CVE-2024-48991 (CVSS 7.8): a race condition lets the attacker substitute a fake Python interpreter for the real one between the moment needrestart checks it and the moment it executes it, again as root
3. CVE-2024-48992 (CVSS 7.8): the Ruby counterpart of the first flaw, using the RUBYLIB environment variable
4. CVE-2024-11003 (CVSS 7.8): needrestart passes attacker-controlled file names to libmodule-scandeps-perl (Module::ScanDeps), which expects trusted input, so the library flaw below is reachable as root
5. CVE-2024-10224 (CVSS 5.3): libmodule-scandeps-perl evaluates and opens untrusted input, allowing shell command execution; on its own it runs with the caller's privileges, which is why it is rated lower
Impact:
– A local attacker can execute arbitrary code with root privileges
– System integrity and security can be completely compromised
– Exploitation needs no special timing: the attacker prepares the malicious environment and waits for the next package installation or upgrade, which invokes needrestart through its APT hook
Remediation:
1. Upgrade to needrestart 3.8 or later, or to the patched package your distribution provides, immediately
2. Temporary mitigation where an upgrade is not yet possible: turn off the interpreter scanners by setting the interpscan option to 0 in needrestart's configuration (/etc/needrestart/needrestart.conf or a drop-in file); this disables the code path all five flaws go through
3. Ensure all patches are applied promptly and remove the mitigation once the patched version is installed, so interpreter-based services are scanned again
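As an added example (not code from Qualys or the needrestart project), the POSIX shell helper below does the two checks an administrator wants here: it decides whether an installed needrestart version string is below 3.8, and it writes the interpreter-scanner switch-off into a drop-in file. It assumes the Debian/Ubuntu package name `needrestart`, the `/etc/needrestart/conf.d/*.conf` drop-in directory, and a drop-in file name (`zz-disable-interpscan.conf`) chosen for this example; `$nrconf{interpscan} = 0;` is the needrestart configuration setting itself (the configuration file is Perl). Note that distributions usually backport fixes without raising the upstream version number, so a version below 3.8 is not proof of vulnerability; treat the check as conservative and confirm against your distribution's advisory before relying on it.

```shell
#!/bin/sh
# Added example, not part of the Qualys advisory or the needrestart project.
# is_below_3_8 VERSION               exit 0 when the upstream part of VERSION is < 3.8
# write_interpscan_mitigation DIR    write the interpreter-scanner off switch into DIR
# interpscan_disabled FILE           exit 0 when FILE contains that switch

is_below_3_8() {
    upstream=${1%%-*}            # drop the Debian/Ubuntu revision: 3.6-4ubuntu2 -> 3.6
    upstream=${upstream#*:}      # drop an epoch if present: 1:3.6 -> 3.6
    case "$upstream" in *.*) ;; *) upstream="$upstream.0" ;; esac
    major=${upstream%%.*}
    minor=${upstream#*.}
    minor=${minor%%.*}           # keep only major.minor: 3.6.1 -> 3 and 6
    case "$major$minor" in
        ''|*[!0-9]*) return 0 ;; # unparsable version: treat as vulnerable (fail closed)
    esac
    [ "$major" -lt 3 ] && return 0
    [ "$major" -gt 3 ] && return 1
    [ "$minor" -lt 8 ]
}

write_interpscan_mitigation() {
    dir=$1
    mkdir -p "$dir"
    # The drop-in file name is this example's choice; the setting itself is needrestart's.
    printf '%s\n' \
        '# temporary mitigation for CVE-2024-48990/48991/48992/11003/10224' \
        '# remove once needrestart >= 3.8 (or the distribution fix) is installed' \
        '$nrconf{interpscan} = 0;' > "$dir/zz-disable-interpscan.conf"
}

interpscan_disabled() {
    grep -Eq '^[[:space:]]*\$nrconf\{interpscan\}[[:space:]]*=[[:space:]]*0[[:space:]]*;' "$1"
}

# Live use on a Debian/Ubuntu host, as root:  sh needrestart-check.sh --apply
if [ "${1:-}" = "--apply" ]; then
    ver=$(dpkg-query -W -f='${Version}' needrestart 2>/dev/null || true)
    if [ -z "$ver" ]; then
        echo "needrestart is not installed"
    elif is_below_3_8 "$ver"; then
        echo "needrestart $ver is below 3.8: disabling interpreter scanners"
        write_interpscan_mitigation /etc/needrestart/conf.d
    else
        echo "needrestart $ver is 3.8 or newer"
    fi
fi
```

The mitigation disables the scanners that detect interpreter-based services needing a restart, so it reduces needrestart's coverage rather than removing it entirely; the drop-in is deliberately a separate file so it can be deleted cleanly after upgrading.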
The Qualys Threat Research Unit, which discovered and reported the flaws, emphasizes that they are easily exploitable by any local user, making immediate action crucial for system security.