Thomas Liske

6 exploits Active since May 2022
CVE-2024-11003 WRITEUP HIGH WRITEUP
needrestart < 3.8 - Local OS Command Injection via Modules::ScanDeps
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.
CVSS 7.8
CVE-2024-48990 WRITEUP HIGH WRITEUP
Ubuntu needrestart Privilege Escalation
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
CVSS 7.8
CVE-2024-48991 WRITEUP HIGH WRITEUP
needrestart < 3.8 - Local Privilege Escalation via Python Interpreter Race Condition
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).
CVSS 7.8
CVE-2022-30688 WRITEUP HIGH WRITEUP
needrestart <3.6 - Privilege Escalation
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
CVSS 7.8
CVE-2024-48991 WRITEUP HIGH WRITEUP
needrestart < 3.8 - Local Privilege Escalation via Python Interpreter Race Condition
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).
CVSS 7.8
CVE-2024-48992 WRITEUP HIGH WRITEUP
needrestart < 3.8 - Local Privilege Escalation via RUBYLIB Environment Variable
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
CVSS 7.8