Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
This repository contains a proof-of-concept (PoC) exploit for CVE-2024-48990.
- CVE ID: CVE-2024-48990
- Affected Component: needrestart
- Vulnerability Type: Local Privilege Escalation
- Attack Vector: Local
- Impact: Privilege escalation to root
./poc.sh "loop.py" and "privesc.py" is just a sample for the exploitation, you dont need to bring them with the poc.sh !. all you need is the poc.sh
This project is intended for educational and research purposes only. The author is not responsible for any misuse of this code or for any damage resulting from its use.