Security Advisory

CVE-2024-48990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-19 17:38:07

Last updated 2025-11-03 22:22:08

Assigner canonical

State PUBLISHED

Description

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.

← Browse all CVEs View on cve.org ↗