Ubuntu Server users are advised to apply the latest patches immediately due to multiple decade-old security vulnerabilities found in the needrestart package. The Qualys Threat Research Unit (TRU) identified the flaws, which can allow a local attacker to gain root privileges without user interaction.
The vulnerabilities have existed since 2014 and affect Debian, Ubuntu, and other Linux distributions. Needrestart is a utility that scans a system for services that need to be restarted after shared library updates. Five flaws in it allow a local attacker to execute arbitrary code as root by tricking needrestart into running the Python or Ruby interpreter with attacker-controlled environment variables.
The vulnerabilities have been addressed in version 3.8 of needrestart. Users can apply the latest patches or, as a temporary mitigation until the updates are applied, disable the interpreter scanners in the needrestart configuration file. Experts warn that successful exploitation yields root access, compromising the integrity and security of the whole system.
It is essential for users to move quickly to address these vulnerabilities, as they are considered trivial to exploit. The Qualys Threat Research Unit advises users to install the latest patches or disable the interpreter scanners immediately.
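A small compliance check for the two remedies described above, written as an added example for this summary (it is not code from the article, Qualys, or the needrestart project). It assumes the configuration file is /etc/needrestart/needrestart.conf and that the interpreter-scanner switch is the needrestart option `$nrconf{interpscan}`; a host counts as covered when needrestart is at least 3.8 or that switch is set to 0 on an uncommented line.

```sh
#!/bin/sh
# Added example: report whether a host is covered against the needrestart
# interpreter-scanner flaws, either by version (>= 3.8) or by configuration.
# Assumed names: /etc/needrestart/needrestart.conf and $nrconf{interpscan}.

FIXED_VERSION="3.8"

# version_ge A B: return 0 if dotted version A >= B. A distro suffix such as
# "-7ubuntu4" is stripped first, so "3.6-7ubuntu4" is compared as "3.6".
version_ge() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*//').
    b=$(printf '%s' "$2" | sed 's/[^0-9.].*//').
    i=1
    while :; do
        x=$(printf '%s' "$a" | cut -s -d. -f"$i")
        y=$(printf '%s' "$b" | cut -s -d. -f"$i")
        [ -z "$x" ] && [ -z "$y" ] && return 0   # every field compared equal
        x=${x:-0}; y=${y:-0}                       # missing field counts as 0
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
        i=$((i + 1))
    done
}

# interpscan_disabled FILE: return 0 if FILE contains an active (not
# commented-out) line "$nrconf{interpscan} = 0;".
interpscan_disabled() {
    grep -Eq '^[[:space:]]*\$nrconf[{]interpscan[}][[:space:]]*=[[:space:]]*0[[:space:]]*;' "$1" 2>/dev/null
}

# needrestart_status VERSION FILE: print patched / mitigated / vulnerable and
# return 0 when the host is covered, 1 when it is not.
needrestart_status() {
    if version_ge "$1" "$FIXED_VERSION"; then echo patched; return 0; fi
    if interpscan_disabled "$2"; then echo mitigated; return 0; fi
    echo vulnerable; return 1
}

# Demo on a constructed config file. On a real host use the installed
# version (dpkg-query -W -f '${Version}' needrestart) and the real config path.
demo() {
    tmp=$(mktemp)
    printf '# %s\n%s\n' '$nrconf{interpscan} = 1;' '$nrconf{interpscan} = 0;' > "$tmp"
    needrestart_status "3.6-7ubuntu4" "$tmp"   # prints "mitigated"
    rm -f "$tmp"
}
demo
```

Distributions often backport a fix without changing the upstream version number, so treat a "vulnerable" result from the version check as a prompt to consult your distribution's security notice rather than as proof.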
Source: https://thehackernews.com/2024/11/decades-old-security-vulnerabilities.html