Re: Local Privilege Escalations in needrestart

Read Time:20 Second

Posted by Mark Esler on Nov 27

The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race
condition on /proc/$PID/exec evaluation”) [0], introduced a regression
which was subsequently fixed 42af5d3 (“core: fix regression of false
positives for processes running in chroot or mountns (#317)”) [1].

Many thanks to Ivan Kurnosov and Salvatore Bonaccorso for their review.

[0] https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59…

thunderbird-128.6.0-1.fc40

FEDORA-2025-91031f9df9 Packages in this update: thunderbird-128.6.0-1.fc40 Update description: Update to 128.6.0 https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/ Read More

January 9, 2025

thunderbird-128.6.0-1.fc41

FEDORA-2025-2f5b9ab47b Packages in this update: thunderbird-128.6.0-1.fc41 Update description: Update to 128.6.0 https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/ Read More

January 9, 2025

Smashing Security podcast #399: Honey in hot water, and reset your devices

Space Bears ransomware: what you need to know

Zero-Day Vulnerability in Ivanti VPN

Fancy Product Designer Plugin Flaws Expose WordPress Sites

Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace

PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak

EU Commission Liable for Breaching EU’s Own Data Protection Rules

United Nations aviation agency hacked, recruitment database plundered

Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience

Re: Local Privilege Escalations in needrestart

thunderbird-128.6.0-1.fc40

thunderbird-128.6.0-1.fc41

USN-7197-1: Go Networking vulnerability

USN-7185-2: Linux kernel (Azure) vulnerabilities

USN-7169-4: Linux kernel (Azure) vulnerabilities

USN-7196-1: Linux kernel (Azure) vulnerabilities