14 matches found
CLSA-2024-1734028058 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SECURITY UPDATE: Prevent running the Python interpreter with an attacker-controlled PYTHONPATH environment variable - debian/patches/CVE-2024-48990-CVE-2024-48991.patch: do not set PYTHONPATH environment variable to prevent a LPE and prevent race condition on /proc/$PID/exec evaluation -...
Ubuntu: Security Advisory (USN-7117-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-d2124788a8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : needrestart (2024-6015ee69f0)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6015ee69f0 advisory. Rebase to fix CVEs Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora 41 : needrestart (2024-a9cf3dad4f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a9cf3dad4f advisory. Rebase to fix CVEs Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
needrestart Local Privilege Escalation Vulnerability
LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary Background CVE-2024-48990 and...
needrestart Local Privilege Escalation
Qualys Security Advisory LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary...
CVE-2024-48991
creationtimestamp| type| source ---|---|--- 2024-11-21 13:05:05+00:00| seen| https://t.me/truesecator/6456 2024-11-23 01:55:46+00:00| seen| https://t.me/itsecnews/4798 2024-11-24 19:00:01+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9164 2024-11-24 22:11:52+00:00|...
Ubuntu: Security Advisory (USN-7117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-48991
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter instead of the system's real Python interpreter. The initial security fix 6ce6136...
[SECURITY] [DLA 3957-1] needrestart security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3957-1 [email protected] https://www.debian.org/lts/security/ Salvatore Bonaccorso November 19, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5815-1] needrestart security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5815-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2024 https://www.debian.org/security/faq -...
CVE-2024-48991
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter instead of the system's real Python interpreter. The initial security fix 6ce6136...
UBUNTU-CVE-2024-48991
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter instead of the system's real Python interpreter. The initial security fix 6ce6136...