Qualys

**Name of the Vulnerable Software and Affected Versions** Modules::ScanDeps versions prior to 1.36 **Description** The issue is related to the Modules::ScanDeps library, which does not properly sanitize input. This can allow an attacker to execute arbitrary shell commands. A local attacker could exploit this by passing unsanitized input to the library, potentially allowing them to run commands as root. **Recommendations** For versions prior to 1.36, update to version 1.36 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Modules::ScanDeps library until a patch is applied. Avoid using unsanitized input with the library to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** needrestart versions prior to 3.8 **Description** The issue is related to needrestart passing unsanitized data to a library, which expects safe input. This could allow a local attacker to execute arbitrary shell commands with root privileges. **Recommendations** For versions prior to 3.8, update to version 3.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `needrestart` utility until a patch is applied. Avoid using the `needrestart` utility with unsanitized input data to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** needrestart versions prior to 3.8 **Description** The issue is related to an uncontrolled search path element in the needrestart utility. Exploitation of this issue may allow an attacker to execute arbitrary code in the context of the root user by manipulating the `RUBYLIB` environment variable. This can be achieved by tricking needrestart into running the Ruby interpreter with an attacker-controlled `RUBYLIB` variable. **Recommendations** For versions prior to 3.8, update to version 3.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `RUBYLIB` environment variable to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** needrestart versions prior to 3.8 **Description** The issue is related to a race condition that allows local attackers to execute arbitrary code as root by tricking needrestart into running a fake Python interpreter. This is achieved by winning a race condition and substituting the system's real Python interpreter with a malicious one. The initial security fix introduced a regression, which was subsequently resolved. **Recommendations** For needrestart versions prior to 3.8, update to version 3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `usr/bin/python` file to prevent substitution with a malicious executable until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** needrestart versions prior to 3.8 Module::ScanDeps versions prior to 3.8 **Description** The needrestart utility, versions prior to 3.8, contains a flaw due to improper handling of the `PYTHONPATH` environment variable. This allows local attackers to execute arbitrary code with root privileges by manipulating the `PYTHONPATH` during Python interpreter initialization. The vulnerability stems from an uncontrolled search path element. A publicly available exploit exists for this issue. The vulnerability affects systems running Ubuntu and Debian. **Recommendations** Upgrade needrestart to version 3.8 or later. Upgrade Module::ScanDeps to version 3.8 or later.

**Name of the Vulnerable Software and Affected Versions** snapd versions prior to 2.57.6 snap-confine versions prior to 2.57.6 **Description** The issue is related to a race condition in the `must mkdir and open with perms()` function of the snap-confine utility. This vulnerability can be exploited to elevate privileges or execute arbitrary code. The problem is associated with synchronization errors when using a shared resource, also known as a "race condition". **Recommendations** For versions prior to 2.57.6, update to version 2.57.6 or later to resolve the issue. As a temporary workaround, consider disabling the `must mkdir and open with perms()` function until a patch is available.