module
Ubuntu needrestart Privilege Escalation
| Disclosed |
|---|
| Nov 19, 2024 |
Disclosed
Nov 19, 2024
Description
Local attackers can execute arbitrary code as root by
tricking needrestart into running the Python interpreter with an
attacker-controlled PYTHONPATH environment variable.
Verified against Ubuntu 22.04 with needrestart 3.5-5ubuntu2.1
Attempted exploitation against Debian 12, expliotation failed
tricking needrestart into running the Python interpreter with an
attacker-controlled PYTHONPATH environment variable.
Verified against Ubuntu 22.04 with needrestart 3.5-5ubuntu2.1
Attempted exploitation against Debian 12, expliotation failed
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.