Re: Local Privilege Escalations in needrestart

Posted by Mark Esler on Nov 27The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race condition on /proc/$PID/exec evaluation”) [0], introduced a regression which was subsequently fixed 42af5d3 ("core: fix regression of false positives for processes running in chroot or mountns (#317)") [1]. Many thanks to Ivan Kurnosov and Salvatore Bonaccorso for their review. [0] https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59...

Nov 28, 2024 - 04:30
 0  7
Re: Local Privilege Escalations in needrestart

Posted by Mark Esler on Nov 27The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race
condition on /proc/$PID/exec evaluation”) [0], introduced a regression
which was subsequently fixed 42af5d3 ("core: fix regression of false
positives for processes running in chroot or mountns (#317)") [1].

Many thanks to Ivan Kurnosov and Salvatore Bonaccorso for their review.

[0] https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59...

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow