
Ubuntu 24.10: USN-7117-2 critical: needrestart regression resolved

November 26, 2024
Explore the latest enhancements for Ubuntu's needrestart, featuring essential patches for security vulnerabilities as well as a fix for the recent regression.
Summary

USN-7117-1 caused some regression in needrestart.

Software Description:

- needrestart: check which daemons need to be restarted after library upgrades

Details:

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003)

Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224)

Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbit...

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   needrestart                     3.6-8ubuntu4.3

Ubuntu 24.04 LTS
   needrestart                     3.6-7ubuntu4.4

Ubuntu 22.04 LTS
   needrestart                     3.5-5ubuntu2.3

Ubuntu 20.04 LTS
   needrestart                     3.4-6ubuntu0.1+esm2
                                   Available with Ubuntu Pro

Ubuntu 18.04 LTS
   needrestart                     3.1-1ubuntu0.1+esm2
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS
   needrestart                     2.6-1ubuntu0.1~esm2
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7117-2

https://ubuntu.com/security/notices/USN-7117-1

https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/2089193

Severity
critical

Ubuntu Security Notice USN-7117-2
