cve-2024-3219
Vulnerability from cvelistv5
Published: 2024-07-29 21:54
Modified: 2024-11-04 21:44
Summary
Pure-Python fallback of socket.socketpair() doesn’t authenticate peer connection
References (source: cna@python.org)
http://www.openwall.com/lists/oss-security/2024/07/29/3
https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20
https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2
https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c
https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508
https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d
https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d
https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39
https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929
https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54
https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c
https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde
https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a
https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660
https://github.com/python/cpython/issues/122133
https://github.com/python/cpython/pull/122134
https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/
Impacted products
{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3219",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-31T18:45:03.016211Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-306",
                "description": "CWE-306 Missing Authentication for Critical Function",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T21:44:46.150Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:05:08.371Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/pull/122134"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/issues/122133"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/29/3"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.8.20",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            },
            {
              "lessThan": "3.9.20",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.10.15",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.11.10",
              "status": "affected",
              "version": "3.11.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.12.5",
              "status": "affected",
              "version": "3.12.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.13.0rc1",
              "status": "affected",
              "version": "3.13.0a1",
              "versionType": "python"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Ellie"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The\n \u201csocket\u201d module provides a pure-Python fallback to the \nsocket.socketpair() function for platforms that don\u2019t support AF_UNIX, \nsuch as Windows. This pure-Python implementation uses AF_INET or \nAF_INET6 to create a local connected pair of sockets. The connection \nbetween the two sockets was not verified before passing the two sockets \nback to the user, which leaves the server socket vulnerable to a \nconnection race from a malicious local peer.\u003cbr\u003e\u003cbr\u003ePlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.\u003cbr\u003e"
            }
          ],
          "value": "The\n \u201csocket\u201d module provides a pure-Python fallback to the \nsocket.socketpair() function for platforms that don\u2019t support AF_UNIX, \nsuch as Windows. This pure-Python implementation uses AF_INET or \nAF_INET6 to create a local connected pair of sockets. The connection \nbetween the two sockets was not verified before passing the two sockets \nback to the user, which leaves the server socket vulnerable to a \nconnection race from a malicious local peer.\n\nPlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-17T18:52:44.490Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/pull/122134"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/122133"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/29/3"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Pure-Python fallback of socket.socketpair() doesn\u2019t authenticate peer connection",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2024-3219",
    "datePublished": "2024-07-29T21:54:05.830Z",
    "dateReserved": "2024-04-02T18:03:22.557Z",
    "dateUpdated": "2024-11-04T21:44:46.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}