CLSA-2026-1778933429

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778933429.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1778933429
Upstream
Published
2026-05-16T12:10:34Z
Modified
2026-06-04T09:47:32.409166370Z
Summary
Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
Details
  • SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE
    • debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE
    • CVE-2024-11003
  • SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE
    • debian/patches/CVE-2024-48990.patch: do not set PYTHONPATH environment variable to prevent a LPE
    • CVE-2024-48990
  • SECURITY UPDATE: prevent race condition on /proc/$PID/exec evaluation and fix chroot/mountns regression
    • debian/patches/CVE-2024-48991.patch: prevent race condition on /proc/$PID/exec evaluation and fix chroot/mountns regression
    • CVE-2024-48991
  • SECURITY UPDATE: do not set RUBYLIB environment variable to prevent a LPE
    • debian/patches/CVE-2024-48992.patch: do not set RUBYLIB environment variable to prevent a LPE
    • CVE-2024-48992
References

Affected packages

TuxCare:Ubuntu:20.04 / needrestart

Package

Name
needrestart
Purl
pkg:deb/tuxcare/needrestart?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4-6ubuntu0.1+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778933429.json"