linux vulnerability lets hackers run arbitrary python

needrestart is a program that automatically restarts services that depend on outdated packages. But what if THAT had a bug too? In this video I'm diving into CVE-2024-48990.

Comments

Somewhere in the NSA someone has drawn a line through a word on a whiteboard.

xoso

Root: “Is this python?”
User: “Trust me bro.”

papakamirneron

2024 was wild for software vulnerabilities. (and critical bugs too)

mincraftpolska

This is the first time I fully understood a CVE from start to finish.

wlockuz

Can’t trigger the bug if I don't upgrade my packages🧠

bastiman

Never seen the needrestart screen myself.

douro

Still feels weird listening to "TV" instead of "learning".

ahjdf

Dude, this might actually genuinely help me. We have a few systems at work that can't be rebooted but only give me non-root shells, but have needrestart. The vendors just refuse to give us - customers - the root shell. With this, I could pop an EOL device's root shell and fix stuff inside out. xD Hahaha, this is amazing. :D

IngwiePhoenix_nb

It's crazy how most severe and most recent vulnerabilities lately happen to be simple in nature. Makes me wonder what else is hiding out there in plain sight

theohallenius

The fact this vulnerability is specifically targeting python (which is also on almost every Linux installation) makes me wonder if this was intentional or not.

flynn

By the way, the company that published the issue is NOT Quality Software, it is Qualys, a software security company.

FreakyRufus

"Would Rust have fixed this?" is not a question that would have ever popped up into my mind, because this bug isn't in the same category as the kind of bugs Rust would protect against.

DaVince

oh wow. that's a _harsh_ reminder that just because it's open source doesn't mean trivial vulns get found quickly

kiraaaaaa

what was in mind of the person who literally wrote “exec(random executable so file) as root”, what could possibly go wrong?

gordinmitya

this is why minimal distros are king, just install what you need and nothing more. I've never installed needrestart before.

Ethorbit

Interesting security flaw to say the least.
And yes, Rust wouldn't magically fix a flaw like this. A root process carelessly handing over the root permission to a new process without any consideration would be a security flaw regardless of language used.

This however does seem rather serious, but at least it is local.
And to be fair, all root processes should be combed through and searched for basic security flaws like these a bit more thoroughly sometime.

todayonthebench
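
Added example, written for this thread and not taken from the video or from the needrestart project: it makes concrete the point in the comment above, that a root process handing control to a new process without considering what that process inherits is a flaw in any language. A privileged helper that starts an interpreter while inspecting an unprivileged process should build its own environment rather than reuse the inspected process's, because loader- and interpreter-controlling variables such as PYTHONPATH and LD_PRELOAD change which code runs. The function names (parse_proc_environ, build_clean_env, demo), the variable list and the constructed /proc/<pid>/environ blob are assumptions of this example; Python's real -I (isolated mode) flag is used as the belt-and-braces mitigation.

```python
"""Added example (not code from the video or from needrestart): a privileged
helper that launches an interpreter on behalf of an unprivileged process must
build its own environment instead of inheriting the foreign one."""
import subprocess
import sys
import tempfile

# Variables that change what an interpreter or the dynamic loader executes.
# Illustrative list assumed for this example; extend it for your platform.
INTERPRETER_CONTROL_VARS = ("PYTHONPATH", "PYTHONSTARTUP", "PYTHONHOME",
                            "LD_PRELOAD", "LD_LIBRARY_PATH", "PERL5LIB")


def parse_proc_environ(raw: bytes) -> dict:
    """Parse the NUL-separated KEY=VALUE blob found in /proc/<pid>/environ."""
    env = {}
    for entry in raw.split(b"\0"):
        if not entry or b"=" not in entry:
            continue
        key, _, value = entry.partition(b"=")
        env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def build_clean_env() -> dict:
    """Fixed, minimal environment for a privileged child. Nothing is copied
    from the inspected process, so loader and interpreter only see values
    the helper itself chose (none of INTERPRETER_CONTROL_VARS is present)."""
    return {"PATH": "/usr/sbin:/usr/bin:/sbin:/bin", "LANG": "C"}


def unsafe_child_env(foreign_env: dict) -> dict:
    """The weak pattern: inherit whatever the inspected process had."""
    return dict(foreign_env)


def python_sys_path(env: dict, isolated: bool) -> list:
    """Run a throwaway interpreter with the given environment and return its
    sys.path, so the effect of the environment can be observed directly.
    -I (isolated mode) makes Python ignore PYTHONPATH and the user site dir."""
    argv = [sys.executable]
    if isolated:
        argv.append("-I")
    argv += ["-c", "import sys; print('\\n'.join(sys.path))"]
    out = subprocess.run(argv, env=env, capture_output=True, text=True, check=True)
    return out.stdout.splitlines()


def demo() -> tuple:
    """Compare both spawn patterns. Returns (injected_dir_visible_when_inherited,
    injected_dir_visible_when_clean); the safe helper should give False."""
    with tempfile.TemporaryDirectory() as injected_dir:
        # Constructed /proc/<pid>/environ contents of an unprivileged process
        # that points PYTHONPATH at a directory it controls.
        raw = (b"PATH=/usr/bin\0HOME=/home/alice\0PYTHONPATH="
               + injected_dir.encode() + b"\0")
        foreign = parse_proc_environ(raw)
        inherited = injected_dir in python_sys_path(unsafe_child_env(foreign),
                                                    isolated=False)
        clean = injected_dir in python_sys_path(build_clean_env(), isolated=True)
    return inherited, clean


if __name__ == "__main__":
    print(demo())  # (True, False): only the inherited environment exposes the dir
```

Running the block prints `(True, False)`: with the inherited environment the directory chosen by the unprivileged process lands on the privileged interpreter's import path; with a fixed environment plus `-I` it does not. The same discipline applies to any privileged helper that execs a loader or interpreter, whatever the language it is written in.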

this isn't a linux vulnerability, it's a debian one. how would it be on every linux server if rhel and suse use something totally different?

sasha-febl

once again, DON'T TRUST USER INPUT

luizgrocco

First time I ever heard about 'need restart service', maybe it's because I only use desktop linux

syrefaen

“Every Linux”? I’ve only seen it on Ubuntu

SlyEcho