vulnerability

Ubuntu: USN-5426-1 (CVE-2022-30688): needrestart vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	May 17, 2022	May 18, 2022	Mar 22, 2023

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

May 17, 2022

Added

May 18, 2022

Modified

Mar 22, 2023

Description

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

Solution

ubuntu-upgrade-needrestart

References

CVE-2022-30688
https://attackerkb.com/topics/CVE-2022-30688
DEBIAN-DSA-5137
NVD-CVE-2022-30688
UBUNTU-USN-5426-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today