Qualys TRU research claims to have discovered 5 vulnerabilities affecting the needrestart service. These holes allow local users to escalate their privileges through arbitrary code during package installations and/or upgrades where needrestart is running as root user. The attacker gaining root access would compromise the integrity and security of the system.
The implications for businesses are considerable, including unauthorised access to sensitive data, installation of malware and disruption of business operations. This could result in data breaches, regulatory non-compliance and loss of trust among customers and stakeholders, affecting the organisation’s reputation.
In order to mitigate this threat, it is recommended to upgrade needrestart to version 3.8 or disable the vulnerable functionality.
For further information, please refer to the corresponding article in the following link.
If you want to be informed about all the announcements you can follow the Incibe website.