Lucene search
Python 3.12.0 Improper Privilege Management Vulnerability - Linux
🗓️ 22 Dec 2023 00:00:00Reported by Copyright (C) 2023 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 15 Views
Python 3.12.0 Improper Privilege Management Vulnerabilit
Show more
| Reporter | Title | Published | Views | Family All 23 |
|---|---|---|---|---|
 | OPENSUSE-SU-2024:13511-1 python312-3.12.1-1.1 on GA media | 15 Jun 202400:00 | – | osv |
| PSF-2023-12 Groups not dropped before running subprocess when using empty 'extra_groups' parameter | 8 Dec 202318:20 | – | osv |
| BIT-PYTHON-2023-6507 | 4 Oct 202416:35 | – | osv |
| BIT-PYTHON-MIN-2023-6507 | 17 Jan 202515:06 | – | osv |
| CVE-2023-6507 | 8 Dec 202319:15 | – | osv |
| PSF-CVE-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter | 8 Dec 202318:20 | – | osv |
| USN-6891-1 python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities | 11 Jul 202411:54 | – | osv |
 | CVE-2023-6507 | 8 Dec 202300:00 | – | ubuntucve |
 | CVE-2023-6507 | 8 Dec 202319:15 | – | cve |
 | CVE-2023-6507 affecting package python3 for versions less than 3.12.3-1 | 25 Aug 202415:13 | – | cbl_mariner |
10
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:python:python";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.170753");
script_version("2023-12-26T05:05:23+0000");
script_tag(name:"last_modification", value:"2023-12-26 05:05:23 +0000 (Tue, 26 Dec 2023)");
script_tag(name:"creation_date", value:"2023-12-22 10:41:08 +0000 (Fri, 22 Dec 2023)");
script_tag(name:"cvss_base", value:"6.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:M/C:N/I:C/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-12-13 20:17:00 +0000 (Wed, 13 Dec 2023)");
script_cve_id("CVE-2023-6507");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Python 3.12.0 Improper Privilege Management Vulnerability - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("General");
script_dependencies("gb_python_consolidation.nasl", "os_detection.nasl");
script_mandatory_keys("python/detected", "Host/runs_unixoide");
script_tag(name:"summary", value:"CPython is prone to an improper privilege management
vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"When using the extra_groups= parameter with an empty list as a
value (ie extra_groups=[]) the logic regressed to not call setgroups(0, NULL) before calling exec(),
thus not dropping the original processes' groups before starting the new process. There is no issue
when the parameter isn't used or when any value is used besides an empty list.
This issue only impacts CPython processes run with sufficient privilege to make the setgroups
system call (typically root).");
script_tag(name:"affected", value:"CPython version 3.12.0.");
script_tag(name:"solution", value:"Update to version 3.12.1 or later.");
script_xref(name:"URL", value:"https://mail.python.org/archives/list/[email protected]/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/");
script_xref(name:"URL", value:"https://github.com/python/cpython/issues/112334");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if( isnull( port = get_app_port( cpe:CPE ) ) )
exit( 0 );
if( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE, version_regex:"^[0-9]+\.[0-9]+\.[0-9]+" ) )
exit( 0 );
version = infos["version"];
location = infos["location"];
if ( version_is_equal( version: version, test_version: "3.12.0" ) ) {
report = report_fixed_ver( installed_version: version, fixed_version: "3.12.1", install_path: location );
security_message( port: port, data: report );
exit( 0 );
}
exit( 99 );
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo22 Dec 2023 00:00Current
9.6High risk
Vulners AI Score9.6
CVSS34.9 - 6.1
EPSS0.00041
SSVC