vulnerability

Debian: CVE-2022-30688: needrestart -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	May 19, 2022	May 19, 2022	May 27, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

May 19, 2022

Added

May 19, 2022

Modified

May 27, 2022

Description

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

Solution

debian-upgrade-needrestart

References

CVE-2022-30688
https://attackerkb.com/topics/CVE-2022-30688
DEBIAN-DLA-3013-1
DEBIAN-DSA-5137
DEBIAN-DSA-5137-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today