First published: Mon Mar 06 2023(Updated: )
USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Original advisory details: Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-37454)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/python3.6 | <3.6.9-1~18.04ubuntu1.10 | 3.6.9-1~18.04ubuntu1.10 |
=18.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this Python vulnerability is USN-5767-3.
The Python vulnerability fixed by USN-5767-3 allowed attackers to cause a crash or execute arbitrary code by exploiting certain SHA-3 internals.
The Python vulnerability affects version 3.6.9-1~18.04ubuntu1.10 on Ubuntu 18.04 LTS.
To fix the Python vulnerability, update to version 3.6.9-1~18.04ubuntu1.10 or later.
You can find more information about the Python vulnerability in the following references: [link1](https://ubuntu.com/security/CVE-2022-37454), [link2](https://launchpad.net/bugs/1995197), [link3](https://ubuntu.com/security/notices/USN-5717-1).