* Qualys Security Advisory, 2024-11-19 16:25:
We therefore grepped the ScanDeps module for one of the oldest pitfalls
of the Perl programming language: the two-argument form of open(),
When looking for this kind of vulnerability a few years ago, I patched
my Perl interpreter to issue runtim
Hi all,
On Tue, Nov 26, 2024 at 12:31:34PM -0800, Mark Esler wrote:
> The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race
> condition on /proc/$PID/exec evaluation”) [0], introduced a regression
> which was subsequently fixed in 42af5d3 ("core: fix regression of false
> positives for pr
The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race
condition on /proc/$PID/exec evaluation”) [0], introduced a regression
which was subsequently fixed in 42af5d3 ("core: fix regression of false
positives for processes running in chroot or mountns (#317)") [1].
Many thanks to Ivan Kurno
Qualys Security Advisory
LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992,
CVE-2024-10224, and CVE-2024-11003)
Contents
Summary