First published: Fri Sep 21 2018
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
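The mechanism described above, a memo table that grows by doubling and wraps when the requested index is far too large, is easy to get wrong in C. The following is an added example written for this page, not CPython's own `_pickle.c` code or its fix: the hypothetical helper `memo_grow_size` computes the doubled size with an unsigned `size_t` and bounds every step against the largest element count whose byte size still fits, so an out-of-range index is refused (return value 0, for the caller to report as an allocation failure) instead of producing a tiny allocation. `unchecked_double` is the unsafe pattern shown for contrast.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not CPython's code: the unsafe "resize to twice the size"
   step with no bound check. Unsigned arithmetic wraps (defined behaviour in
   C), so a huge size silently becomes a very small one. */
size_t unchecked_double(size_t n)
{
    return n * 2;
}

/* Hypothetical memo-table growth helper. Doubles `current` until it exceeds
   the requested index `needed`; `elem_size` is the byte size of one entry.
   Returns the new element count, or 0 when no allocation of that size can
   exist, so the caller can fail cleanly rather than overflow. */
size_t memo_grow_size(size_t current, size_t needed, size_t elem_size)
{
    /* Largest element count whose total byte size fits in size_t. */
    size_t max_elems = SIZE_MAX / elem_size;

    /* The index can never be stored: refuse instead of wrapping. */
    if (needed >= max_elems)
        return 0;

    size_t new_size = current ? current : 1;
    while (new_size <= needed) {
        /* Doubling would exceed max_elems: grow just enough instead. */
        if (new_size > max_elems / 2) {
            new_size = needed + 1;      /* <= max_elems, since needed < max_elems */
            break;
        }
        new_size *= 2;
    }
    return new_size;
}

int main(void)
{
    /* Constructed sample values for a stand-alone run. */
    printf("grow(0, 5)        -> %zu\n", memo_grow_size(0, 5, sizeof(void *)));
    printf("grow(8, 8)        -> %zu\n", memo_grow_size(8, 8, sizeof(void *)));
    printf("grow(16, SIZE_MAX) -> %zu (0 = refused)\n",
           memo_grow_size(16, SIZE_MAX, sizeof(void *)));
    printf("unchecked_double(SIZE_MAX/2 + 1) -> %zu (wrapped)\n",
           unchecked_double(SIZE_MAX / 2 + 1));
    return 0;
}
```

The check against `max_elems / 2` before each multiplication is the important line: an overflow test must run before the arithmetic that could overflow, since testing the product afterwards is too late (and, for signed types, undefined behaviour).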
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/rh-python36-python | <0:3.6.9-2.el6 | 0:3.6.9-2.el6 |
redhat/rh-python36-python | <0:3.6.9-2.el7 | 0:3.6.9-2.el7 |
Python Python | >=3.4.0<3.7.1 | |
Debian Debian Linux | =8.0 | |
Fedoraproject Fedora | =28 | |
Fedoraproject Fedora | =29 | |
Fedoraproject Fedora | =30 | |
ubuntu/python3.5 | <3.5.2-2ubuntu0~16.04.8 | 3.5.2-2ubuntu0~16.04.8 |
ubuntu/python3.6 | <3.6.7-1~18.04 | 3.6.7-1~18.04 |
ubuntu/python3.6 | <3.6.7-1~18.10 | 3.6.7-1~18.10 |
ubuntu/python3.6 | <3.6.7 | 3.6.7 |
ubuntu/python3.7 | <3.7.1 | 3.7.1 |
ubuntu/python3.4 | <3.4.3-1ubuntu1~14.04.7+ | 3.4.3-1ubuntu1~14.04.7+ |
ubuntu/python3.4 | <3.4.2-1+ | 3.4.2-1+ |
redhat/python | <3.7.1 | 3.7.1 |
debian/python2.7 | 2.7.16-2+deb10u1 2.7.16-2+deb10u4 2.7.18-8+deb11u1 | |
debian/python3.7 | 3.7.3-2+deb10u3 3.7.3-2+deb10u7 | |
The vulnerability ID for this issue is CVE-2018-20406.
The severity of CVE-2018-20406 is high, with a score of 7.5.
The affected software is Python before 3.7.1, together with the listed distribution packages of rh-python36-python, python2.7, python3.7, python3.5, python3.6, and python3.4.
To fix CVE-2018-20406, update to Python 3.7.1 or later, or to a patched distribution package from the table above.
You can find more information about CVE-2018-20406 at the following references: [https://bugs.python.org/issue34656](https://bugs.python.org/issue34656), [https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd](https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd), [http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20406.html](http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20406.html).