CVE Vulnerabilities

CVE-2022-30688

Published: May 17, 2022 | Modified: Aug 08, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

Affected Software

Name Vendor Start Version End Version
Needrestart Needrestart_project 0.8 (including) 3.6 (excluding)
Needrestart Ubuntu bionic *
Needrestart Ubuntu focal *
Needrestart Ubuntu impish *
Needrestart Ubuntu jammy *

References