openEuler 22.03 LTS SP4 update for python3
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2023-6597 CVE-2024-0450 CVE-2024-3219 CVE-2024-6232 |
| CWE-ID | CWE-61 CWE-400 CWE-362 CWE-185 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system python3-help Operating systems & Components / Operating system package or component python3-unversioned-command Operating systems & Components / Operating system package or component python3-devel Operating systems & Components / Operating system package or component python3-debugsource Operating systems & Components / Operating system package or component python3-debuginfo Operating systems & Components / Operating system package or component python3-debug Operating systems & Components / Operating system package or component python3 Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) UNIX symbolic link following
EUVDB-ID: #VU87185
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6597
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to delete arbitrary files on the system.
The vulnerability exists due to a symlink following issue during cleanup when handling temporary files. A local user can create a specially crafted symbolic link to a critical file on the system and delete it.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
python3-help: before 3.9.9-36
python3-unversioned-command: before 3.9.9-36
python3-devel: before 3.9.9-36
python3-debugsource: before 3.9.9-36
python3-debuginfo: before 3.9.9-36
python3-debug: before 3.9.9-36
python3: before 3.9.9-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-unversioned-command:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debug:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2190
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU87685
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-0450
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the zipfile module does not properly control consumption of internal resources when extracting files from a zip archive. A remote attacker can pass a specially crafted archive aka zip-bomb to the application, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
python3-help: before 3.9.9-36
python3-unversioned-command: before 3.9.9-36
python3-devel: before 3.9.9-36
python3-debugsource: before 3.9.9-36
python3-debuginfo: before 3.9.9-36
python3-debug: before 3.9.9-36
python3: before 3.9.9-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-unversioned-command:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debug:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2190
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Race condition
EUVDB-ID: #VU98567
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-3219
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a race condition within the socket module, which provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
python3-help: before 3.9.9-36
python3-unversioned-command: before 3.9.9-36
python3-devel: before 3.9.9-36
python3-debugsource: before 3.9.9-36
python3-debuginfo: before 3.9.9-36
python3-debug: before 3.9.9-36
python3: before 3.9.9-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-unversioned-command:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debug:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2190
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Incorrect Regular Expression
EUVDB-ID: #VU96745
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-6232
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of .tar archives when processing it with regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
python3-help: before 3.9.9-36
python3-unversioned-command: before 3.9.9-36
python3-devel: before 3.9.9-36
python3-debugsource: before 3.9.9-36
python3-debuginfo: before 3.9.9-36
python3-debug: before 3.9.9-36
python3: before 3.9.9-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-unversioned-command:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-debug:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2190
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
