Qualys discovered local privilege escalation vulnerabilities in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and the libmodule-scandeps-perl package (CVE-2024-10224).
Canonical has released updates for the needrestart and libmodule-scandeps-perl packages for all Ubuntu releases, including Ubuntu Server images since 21.04.
The vulnerabilities allow a local attacker to gain root privileges by manipulating environment variables and exploiting a time-of-check to time-of-use (TOCTOU) race condition.
Affected users are advised to update their packages as soon as possible to mitigate the risks.