SB2025121801 - Red Hat Enterprise Linux 8 update for the python39:3.9 module

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025121801

SB2025121801 - Red Hat Enterprise Linux 8 update for the python39:3.9 module

Published: December 18, 2025

Security Bulletin ID SB2025121801
Severity
High
Patch available
YES
Number of vulnerabilities 12
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Medium 33% Low 42%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2024-5642)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API when NPN is used. A remote attacker can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.


2) OS Command Injection (CVE-ID: CVE-2024-9287)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation in the venv module when creating a virtual environment. A local user can pass specially crafted strings to the application and execute arbitrary OS commands on the target system.


3) Input validation error (CVE-ID: CVE-2024-11168)

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to insufficient validation of bracketed hosts (e.g. []) within the urllib.parse.urlsplit() and urlparse() functions allowing hosts that weren't IPv6 or IPvFuture. A remote attacker can pass specially crafted IP address to the application to bypass implemented IP-based security checks or perform SSRF attacks.


4) Input validation error (CVE-ID: CVE-2025-0938)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to urllib.parse.urlsplit and urlparse accept domain names with square brackets. A remote attacker can pass specially crafted input to the application and bypass implemented security restrictions.


5) Use-after-free (CVE-ID: CVE-2025-4516)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when using the bytes.decode("unicode_escape", error="ignore|replace") function call. A remote attacker can pass a specially crafted input to the application and perform a denial of service (DoS) attack.


6) Expected behavior violation (CVE-ID: CVE-2025-4435)

The vulnerability allows a remote attacker to change expected behavior. 

The vulnerability exists due to an error when using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior. A remote attacker can force the application to extract files that were meant to be skipped. 


7) Link following (CVE-ID: CVE-2025-4330)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an insecure link following issue when extracting data from an archive in the tarfile module. A remote attacker can pass a specially crafted archive to the application and overwrite arbitrary files outside the destination directory.


8) Path traversal (CVE-ID: CVE-2025-4517)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to input validation error in the tarfile module when extracting files from an archive with filter="data". A remote attacker can pass specially crafted archive to the application and write files to arbitrary locations on the system outside the extraction directory.


9) Link following (CVE-ID: CVE-2025-4138)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an insecure link following issue when extracting data from an archive in the tarfile module. A remote attacker can pass a specially crafted archive to the application and overwrite arbitrary files outside the destination directory during extraction with filter="data"..


10) Resource management error (CVE-ID: CVE-2025-6069)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the html.parser.HTMLParser class. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


11) Input validation error (CVE-ID: CVE-2025-8291)

The vulnerability allows a remote attacker to extract files into arbitrary locations on the system.

The vulnerability exists due to the zipfile module does not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value when extracting files. A remote attacker can use a specially crafted zip file to extract data into arbitrary locations on the system.


12) Resource exhaustion (CVE-ID: CVE-2025-6075)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the os.path.expandvars() function. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References