Needrestart: A Useful Linux Utility or an Open Door for Hackers?

Man

A long-term vulnerability almost turned into a disaster for millions of users.

Ubuntu Linux has come under criticism over vulnerabilities, discovered by researchers, that have existed since the needrestart utility was created in 2014. They allow an attacker who already has local access to the system to gain root privileges without any user interaction.

Qualys identified five vulnerabilities, registered as CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003. All but the penultimate issue received a CVSS score of 7.8, while CVE-2024-10224 was rated 5.3. All of them concern the needrestart utility, which checks whether services need to be restarted after updates or changes to the system's library files.

First introduced in 2014, the utility is quite useful for applying system updates without a full reboot, which helps keep the OS secure without costing time or stability. However, it turned out that needrestart had been vulnerable since version 0.8, which was included in Ubuntu 21.04. The first version free of these vulnerabilities, 3.8, became available only this week.

The essence of the vulnerabilities lies in the ability to execute arbitrary code on the attacked system. To do this, the attacker must have local access, which, however, can be obtained through malware or compromised accounts.

While this condition somewhat limits the attack surface, experts note that similar Linux vulnerabilities have been successfully exploited to escalate privileges in the past. Experts advise Ubuntu administrators to immediately update the needrestart utility to version 3.8 to eliminate the threat and prevent potential attacks.

Source
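As an added check, not part of the post and not needrestart's own code: a POSIX shell script that reads the installed needrestart package version on Debian/Ubuntu hosts via `dpkg-query` (the package name `needrestart` is assumed) and compares its upstream part against the 3.8 release the article names as fixed. The version comparison is done in awk so the script has no dependency on `sort -V` or `dpkg --compare-versions`. One caveat a practitioner should keep in mind: distributions that backport security fixes may keep an older upstream number (for example a 3.6-based package) after patching, so an upstream-version comparison is only a first pass; the distribution's security advisory is the authoritative source.

```shell
#!/bin/sh
# Added example: flag a needrestart package whose upstream version predates
# the 3.8 release the article names as the first fixed version.

FIXED_VERSION="3.8"

# version_lt A B: return 0 (true) if dotted version A sorts before B.
# Epochs ("1:") and Debian revisions ("-7ubuntu4") are stripped so only the
# upstream version is compared, field by field, numerically.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        sub(/^[0-9]+:/, "", a); sub(/^[0-9]+:/, "", b)
        sub(/-.*/, "", a);      sub(/-.*/, "", b)
        na = split(a, pa, "."); nb = split(b, pb, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i in pa) ? pa[i] + 0 : 0   # missing fields count as 0
            y = (i in pb) ? pb[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1                               # equal versions: not "less than"
    }'
}

# needrestart_status VERSION: print "vulnerable" if VERSION predates the
# fixed upstream release, otherwise "fixed". Note the backport caveat: a
# distro package may carry an older upstream number yet already be patched.
needrestart_status() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo fixed
    fi
}

# installed_needrestart_version: print the installed package version on
# Debian-derived systems; fail quietly where dpkg-query is absent.
installed_needrestart_version() {
    command -v dpkg-query >/dev/null 2>&1 || return 1
    dpkg-query -W -f='${Version}' needrestart 2>/dev/null
}

# Report on the local host. The guard keeps the script from failing on
# non-Debian systems or where the package is not installed.
if v=$(installed_needrestart_version) && [ -n "$v" ]; then
    printf 'needrestart %s: %s (by upstream version; check your distro advisory)\n' \
        "$v" "$(needrestart_status "$v")"
else
    printf 'needrestart: not installed or dpkg-query unavailable\n'
fi
```

Run it as an unprivileged user; it only reads package metadata. To reuse the comparison elsewhere, call `needrestart_status` with a version string taken from `dpkg-query` or from `needrestart --version`.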