oss-sec mailing list archives
CVE-2022-30688: needrestart 0.8+ local privilege escalation
From: Thomas Liske <thomas () fiasko-nw net>
Date: Tue, 17 May 2022 20:35:37 +0200
# needrestart: local privilege escalation https://github.com/liske/needrestart ## Description A local privilege escalation has been found in needrestart. CVE-2022- 30688 has been assigned to this issue. The interpreter heuristic contains unanchored regexs allowing local users to execute arbitrary code in the context of the user running needrestart. Needrestart might be run as root by package manager hooks on package installations or upgrades. ## Affected Affected: needrestart >= 0.8 Fixed in: needrestart >= 3.6 ## Mitigation Disabling the interpreter heuristic in neederstart's config prevents this attack: # Disable interpreter scanners. $nrconf{interpscan} = 0; ## Credit Reported by Jakub Wilk. Regards, Thomas Liske
Attachment:
anchor-interp-re.patch
Description:
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE-2022-30688: needrestart 0.8+ local privilege escalation Thomas Liske (May 17)