## https://sploitus.com/exploit?id=36915935-0A31-5054-B3C6-F8232A796E28
## Proof of Concept (PoC) for CVE-2024-48990 in `needrestart`
**CVE-2024-48990**: Linux Local Privilege Escalation (LPE) via `needrestart`
- **Patched**: Nov 19, 2024
- **More Information**: [Qualys Advisory](https://www.qualys.com/2024/11/19/needrestart/needrestart.txt)
---
## How to Use?
1. Run the script `./start.sh`.
- This will compile a malicious `importlib` library.
- It will then start a Python script (`e.py`) that sets up a listener and waits for `needrestart` to be executed by the `root` user.
2. When `needrestart` is triggered (typically by an update like `apt upgrade`), it will load the fake library and execute the payload.
3. Upon successful execution, a shell will be opened.
---