CVE-2024-10224

NameCVE-2024-10224
DescriptionQualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval().
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3958-1, DSA-5816-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libmodule-scandeps-perl (PTS)jessie1.16-1vulnerable
stretch1.23-1vulnerable
buster1.27-1vulnerable
bullseye1.30-1vulnerable
bullseye (security)1.30-1+deb11u1fixed
bookworm1.31-2vulnerable
bookworm (security)1.31-2+deb12u1fixed
sid, trixie1.35-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libmodule-scandeps-perlsourcebullseye1.30-1+deb11u1DLA-3958-1
libmodule-scandeps-perlsourcebookworm1.31-2+deb12u1DSA-5816-1
libmodule-scandeps-perlsource(unstable)1.35-2

Notes

https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
https://github.com/rschupp/Module-ScanDeps/security/advisories/GHSA-g597-359q-v529
Fixed by: https://github.com/rschupp/Module-ScanDeps/commit/30d43e2df13cfca74833b3aa8a641679427c5cd8
Fixed by: https://github.com/rschupp/Module-ScanDeps/commit/e1f2e14c5bee4d78c94b0cddf120e81af104f6dd
Functional followup fix: https://github.com/rschupp/Module-ScanDeps/commit/49468814a24221affe113664899be21aef60e846

Search for package or bug name: Reporting problems