CVE-2024-48991

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).

CVSS

No CVSS.

References

Link	Resource
http://www.openwall.com/lists/oss-security/2024/11/30/4	Mailing List
https://github.com/liske/needrestart/commit/42af5d328901287a4f79d1f5861ac827a53fd56d	Patch
https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59	Patch
https://www.cve.org/CVERecord?id=CVE-2024-48991	VDB Entry
https://www.openwall.com/lists/oss-security/2024/11/19/1	Mailing List
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:needrestart_project:needrestart:*:*:*:*:*:*:*:*

History

03 Jul 2025, 16:08

Type	Values Removed	Values Added
CPE		cpe:2.3:a:needrestart_project:needrestart::::::::
References	~~() http://www.openwall.com/lists/oss-security/2024/11/30/4 -~~	() http://www.openwall.com/lists/oss-security/2024/11/30/4 - Mailing List
References	~~() https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59 -~~	() https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59 - Patch
References	~~() https://www.cve.org/CVERecord?id=CVE-2024-48991 -~~	() https://www.cve.org/CVERecord?id=CVE-2024-48991 - VDB Entry
References	~~() https://github.com/liske/needrestart/commit/42af5d328901287a4f79d1f5861ac827a53fd56d -~~	() https://github.com/liske/needrestart/commit/42af5d328901287a4f79d1f5861ac827a53fd56d - Patch
References	~~() https://www.openwall.com/lists/oss-security/2024/11/19/1 -~~	() https://www.openwall.com/lists/oss-security/2024/11/19/1 - Mailing List
References	~~() https://www.qualys.com/2024/11/19/needrestart/needrestart.txt -~~	() https://www.qualys.com/2024/11/19/needrestart/needrestart.txt - Third Party Advisory
First Time		Needrestart Project needrestart Needrestart Project

03 Dec 2024, 14:15

Type	Values Removed	Values Added
References		() https://www.openwall.com/lists/oss-security/2024/11/19/1 -

30 Nov 2024, 13:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/11/30/4 - () https://github.com/liske/needrestart/commit/42af5d328901287a4f79d1f5861ac827a53fd56d -
Summary	Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter).	Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter). The initial security fix (6ce6136) introduced a regression which was subsequently resolved (42af5d3).

19 Nov 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-19 18:15

Updated : 2025-07-03 16:08

NVD link : CVE-2024-48991

Mitre link : CVE-2024-48991

JSON object : View

Products Affected

needrestart_project

needrestart

CWE

No CWE.

JSON object

Attach tags to CVE-2024-48991

Attach tags to `CVE-2024-48991`