needrestart 0.8 up to and including 3.5 prior to 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
needrestart project needrestart |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |