high
7.8
Advisory Published
Updated

CVE-2022-42919

First published: Wed Nov 02 2022(Updated: )

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Python Python>=3.7.3<=3.7.15
Python Python>=3.8.3<=3.8.15
Python Python>=3.9.0<3.9.16
Python Python>=3.10.0<3.10.9
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
ubuntu/python3.10<3.10.6-1~22.04.1
3.10.6-1~22.04.1
ubuntu/python3.10<3.10.7-1ubuntu0.1
3.10.7-1ubuntu0.1
ubuntu/python3.9<3.9.5-3ubuntu0~20.04.1+
3.9.5-3ubuntu0~20.04.1+
debian/python2.7
2.7.16-2+deb10u1
2.7.16-2+deb10u4
2.7.18-8+deb11u1
debian/python3.11
3.11.2-6
3.11.9-1
debian/python3.7
3.7.3-2+deb10u3
3.7.3-2+deb10u7
debian/python3.9<=3.9.2-1

Remedy

https://github.com/python/cpython/commit/b43496c01a554cf41ae654a0379efae18609ad39

Remedy

https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is the vulnerability ID of this issue?

    The vulnerability ID of this issue is CVE-2022-42919.

  • What is the severity of CVE-2022-42919?

    The severity of CVE-2022-42919 is high (7.8).

  • Which versions of Python are affected by CVE-2022-42919?

    Python versions 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux are affected by CVE-2022-42919.

  • What is the impact of CVE-2022-42919?

    CVE-2022-42919 allows local privilege escalation in a non-default configuration on Linux.

  • How can I fix CVE-2022-42919?

    To fix CVE-2022-42919, upgrade your Python installation to version 3.9.16 or 3.10.9.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203