Canonical has released security updates to fix vulnerabilities in the needrestart and libmodule-scandeps-perl packages, which have been installed by default in Ubuntu since 21.04. The patches address Local Privilege Escalation (LPE) issues that allow local attackers to gain root privileges.
The vulnerabilities, identified as CVE-2024-48991, CVE-2024-10224, and CVE-2024-11003, were discovered by Qualys. They can be exploited to control the Python interpreter or run arbitrary shell commands. The affected releases are Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10 for both server and desktop installations.
To check if you’re impacted, run `apt list --installed | grep "^\(needrestart\|libmodule-scandeps-perl\)"`. If you have an outdated version of the needrestart package, update it using `sudo apt update && sudo apt install --only-upgrade needrestart libmodule-scandeps-perl`.
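To confirm on a host whether either package still has an upgrade pending, the output of `apt list --upgradable` can be filtered for the two package names. The script below is an added example, not part of the original article; the function name, the sample lines and their placeholder version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: list pending upgrades for the two affected packages.
# Reads `apt list --upgradable` output on stdin, whose lines look like:
#   name/suite version arch [upgradable from: installed-version]

# Constructed sample input. The version strings are placeholders,
# NOT the real vulnerable or fixed versions.
SAMPLE='Listing...
needrestart/noble-security 0.0-new all [upgradable from: 0.0-old]
needrestart-session/noble-updates 0.0-new all [upgradable from: 0.0-old]
libmodule-scandeps-perl/noble-security 0.0-new all [upgradable from: 0.0-old]
curl/noble-updates 0.0-new amd64 [upgradable from: 0.0-old]'

pending_needrestart_upgrades() {
    # Prints "package installed -> candidate" for each affected package
    # that still has an upgrade pending; prints nothing when both are current.
    awk '
        / \[upgradable from: / {
            split($1, parts, "/")      # "name/suite" -> exact package name
            if (parts[1] == "needrestart" ||
                parts[1] == "libmodule-scandeps-perl") {
                old = $6
                sub(/\]$/, "", old)    # drop the trailing "]"
                print parts[1], old, "->", $2
            }
        }'
}

# Run against the constructed sample. On a real host, after `sudo apt update`:
#   apt list --upgradable 2>/dev/null | pending_needrestart_upgrades
printf '%s\n' "$SAMPLE" | pending_needrestart_upgrades
```

Empty output means neither package has an upgrade waiting in the configured repositories; the package name is matched exactly, so similarly named packages are not reported.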
Regularly installing available updates is crucial to prevent attackers from exploiting vulnerabilities.
Source: https://www.neowin.net/news/ubuntu-patches-needrestart-security-vulnerability