Headline
RHSA-2022:8493: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9 and Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-42919: python: local privilege escalation via the multiprocessing forkserver start method
Synopsis
Important: python3.9 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for python3.9 is now available for Red Hat Enterprise Linux 9 and Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
- python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2138705 - CVE-2022-42919 python: local privilege escalation via the multiprocessing forkserver start method
Red Hat Enterprise Linux for x86_64 9
SRPM
python3.9-3.9.14-1.el9_1.1.src.rpm
SHA-256: c11c934765b0c011dc21e942a3fb2d6471d9daa41a4debc6516e366db79c4362
x86_64
python-unversioned-command-3.9.14-1.el9_1.1.noarch.rpm
SHA-256: 7c529dc97198c8db0873e30c619fa60888cddadf725a451a633bc77691bc8ee4
python3-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: 5dd93b3263ac912ee35be403cd04f87b8e65a2f3b00c5a2caca088e5114adc3c
python3-devel-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 7d385808ab70d09ca5d51ddddc89cc3e5bf3fd7c0b3e6858bc30be49bf649b09
python3-devel-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: 612452285faa516a6daa5967840d1a6b3948a8bb509bd6082a892f73c6983fc7
python3-libs-3.9.14-1.el9_1.1.i686.rpm
SHA-256: bab5a8c5addf33bcf3caf2e8de91966aa1b957338e90aa4b74d50fc39588f609
python3-libs-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: 84ce8acd2c925d1e206ad39d9975960144229f5f057341441ef97da287317175
python3-tkinter-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: 65b58c65f6b7495408db966660b4ea555bd0eafc3cc6d954102b32ae42b7dd43
python3.9-debuginfo-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4885c28e9024caf5430155440c129eea1cc7abe0364f02bef8bb1de31edf2e6d
python3.9-debuginfo-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4885c28e9024caf5430155440c129eea1cc7abe0364f02bef8bb1de31edf2e6d
python3.9-debuginfo-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: f344277935fb670640fa1294ddc9749bfb76ff27d3f8f7575d826a2b7aa4961c
python3.9-debuginfo-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: f344277935fb670640fa1294ddc9749bfb76ff27d3f8f7575d826a2b7aa4961c
python3.9-debugsource-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4401fa455ff940720564d5e0e4d2370f6e7a9e5516ef251247f515492697c104
python3.9-debugsource-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4401fa455ff940720564d5e0e4d2370f6e7a9e5516ef251247f515492697c104
python3.9-debugsource-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: cccef2d85d70397048cf272ea4f4a8279513605fa99e656456d0468c6e2c65a9
python3.9-debugsource-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: cccef2d85d70397048cf272ea4f4a8279513605fa99e656456d0468c6e2c65a9
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
x86_64
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 378daa25a78f3884913b67350f868456d3ac02befe1c93097da7ffa057c9e5ee
python3-devel-3.9.10-4.el9_0.i686.rpm
SHA-256: 68f09038d44a1bc86b16ddd22219c51adc89f81d1bfd5cd3c00c4ed33081db44
python3-devel-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 3ccec329c6ca27f3842b425f782299e8a21b5482a69351b5d78dfa891cc1fefd
python3-libs-3.9.10-4.el9_0.i686.rpm
SHA-256: 4312a0dd59a68ac66e79705ea64e8643f59dca728e2006f2946b419e98120be5
python3-libs-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d1d7638c261a20fb661d6ee0814b9a4a8b2022e60fd60230a2f5ed5cf517c6d1
python3-tkinter-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 0bc5705ab94c8cb23f3d37705e0c89871466863db57ada54d1c5e6a0fe12a63b
python3.9-debuginfo-3.9.10-4.el9_0.i686.rpm
SHA-256: fc59b8e1d529a8a6fdebb1ca07ea167c35413727e28adee7264844e15219ec68
python3.9-debuginfo-3.9.10-4.el9_0.i686.rpm
SHA-256: fc59b8e1d529a8a6fdebb1ca07ea167c35413727e28adee7264844e15219ec68
python3.9-debuginfo-3.9.10-4.el9_0.x86_64.rpm
SHA-256: c974acda585534df0b0223821c18b840b1fe6a951a8c62ffa459f6b90d275ba3
python3.9-debuginfo-3.9.10-4.el9_0.x86_64.rpm
SHA-256: c974acda585534df0b0223821c18b840b1fe6a951a8c62ffa459f6b90d275ba3
python3.9-debugsource-3.9.10-4.el9_0.i686.rpm
SHA-256: c8725b152fcc67fb91b5e55e781de6fde8fa5a93cd31b7cb0aafde2ab6fe3986
python3.9-debugsource-3.9.10-4.el9_0.i686.rpm
SHA-256: c8725b152fcc67fb91b5e55e781de6fde8fa5a93cd31b7cb0aafde2ab6fe3986
python3.9-debugsource-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d42045c51f4b0a1fa554c9fdf87b073d0d8aae5815130e9ccef2d6772954a9d8
python3.9-debugsource-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d42045c51f4b0a1fa554c9fdf87b073d0d8aae5815130e9ccef2d6772954a9d8
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
python3.9-3.9.14-1.el9_1.1.src.rpm
SHA-256: c11c934765b0c011dc21e942a3fb2d6471d9daa41a4debc6516e366db79c4362
s390x
python-unversioned-command-3.9.14-1.el9_1.1.noarch.rpm
SHA-256: 7c529dc97198c8db0873e30c619fa60888cddadf725a451a633bc77691bc8ee4
python3-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: c7e67b847503098f6a39fea10f908f0c4e2cd473a387eff1e9db399fe7690e59
python3-devel-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: f617f13090cb90b8eb14cfa3f1f69b53cf0da80eb23fc572724876df284b8489
python3-libs-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 9ca705f6d857022c54ab3c16c6846f2a3904783381059b354fb8504a3b5ee4b0
python3-tkinter-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: cf9292144fb08d88a5a6d525145ef1b5ae6000ac7edf861757606ece4680f02b
python3.9-debuginfo-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 1585ead391d470039c59f47332d122bc093079165359e418c11a69534dc5173f
python3.9-debuginfo-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 1585ead391d470039c59f47332d122bc093079165359e418c11a69534dc5173f
python3.9-debugsource-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 071a3db170f1d7a3f1aee341670565e6666589f1771ded252b39eb8ef6d6a4a3
python3.9-debugsource-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 071a3db170f1d7a3f1aee341670565e6666589f1771ded252b39eb8ef6d6a4a3
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
s390x
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.s390x.rpm
SHA-256: 73d7464023f92d3a8d9ef230a296986aca5c24b04fffec84ba63b0079aefdea3
python3-devel-3.9.10-4.el9_0.s390x.rpm
SHA-256: 99739da6a578c1ec22728eddafe3b61abeda5bf3deddae4bb8f9ce39e6bcffc3
python3-libs-3.9.10-4.el9_0.s390x.rpm
SHA-256: 5a5770a5146a1c13daeb0aab9d1b1a328b008c11898b377e76d8eedc55f2a418
python3-tkinter-3.9.10-4.el9_0.s390x.rpm
SHA-256: ef5bd12f2cd92e6c5092d90f2c6da5061ea73e0f9928ca19d1f04b4b8f4f6393
python3.9-debuginfo-3.9.10-4.el9_0.s390x.rpm
SHA-256: f03b8a96c6bb97821844af42baea49a087a4363fea3262104daa8a01b9c28d47
python3.9-debuginfo-3.9.10-4.el9_0.s390x.rpm
SHA-256: f03b8a96c6bb97821844af42baea49a087a4363fea3262104daa8a01b9c28d47
python3.9-debugsource-3.9.10-4.el9_0.s390x.rpm
SHA-256: 66f23e3173bd1e9e552825189b07bfee8699ffeb72d7278550ea0ab11e7f0787
python3.9-debugsource-3.9.10-4.el9_0.s390x.rpm
SHA-256: 66f23e3173bd1e9e552825189b07bfee8699ffeb72d7278550ea0ab11e7f0787
Red Hat Enterprise Linux for Power, little endian 9
SRPM
python3.9-3.9.14-1.el9_1.1.src.rpm
SHA-256: c11c934765b0c011dc21e942a3fb2d6471d9daa41a4debc6516e366db79c4362
ppc64le
python-unversioned-command-3.9.14-1.el9_1.1.noarch.rpm
SHA-256: 7c529dc97198c8db0873e30c619fa60888cddadf725a451a633bc77691bc8ee4
python3-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 725e2d2665082592652a4d37113c26e451367ae8fe89a12fa8e8f0e5136257c8
python3-devel-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: ec5ca014ba6e55053349416e9ef52941a67fbcaa5cd8d737236800c69d71b6e5
python3-libs-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 4f32ea666baeadf427086800bbc246babd995e9c08258c605fbdef45ed72d541
python3-tkinter-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: a95346ee820cf5eb6aa42114b8fd5742daeff9c2b0d754e603494c6e1dbc88e6
python3.9-debuginfo-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 7b64bed1d943abdd76791d238ef043bcb2b9b00206ccbb5ec93307e6326c135f
python3.9-debuginfo-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 7b64bed1d943abdd76791d238ef043bcb2b9b00206ccbb5ec93307e6326c135f
python3.9-debugsource-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: d6d128798758aaff9ecef33c634b20f9f8ba934518e5a44ef82d86194e3b56f5
python3.9-debugsource-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: d6d128798758aaff9ecef33c634b20f9f8ba934518e5a44ef82d86194e3b56f5
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
ppc64le
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 06182c5645cb4aa08ef98a5e88e97d8b21f7004882fd27fb8b8199c3fa2e9a8f
python3-devel-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 3650e8659613582155afe49d1ce3721db25be5a21ff2079a5e8f94a78ebd9c7b
python3-libs-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: f45169db11d7b4688a79ca23dd037850afa6509c73caaf7606f63595d66a9c02
python3-tkinter-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 87edcbc21dc3a3b1d7a6c5618bb3fabf807c31fd2bd61fbceb13c3b625d4532e
python3.9-debuginfo-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 9e7c445c285f5e730c76500f921dfde70554820aa672745e04d4ebc1431a9927
python3.9-debuginfo-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 9e7c445c285f5e730c76500f921dfde70554820aa672745e04d4ebc1431a9927
python3.9-debugsource-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: e21696ffbe1125631ed262e10cf97b498f2bb37e206a39b04d3122e56480bb61
python3.9-debugsource-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: e21696ffbe1125631ed262e10cf97b498f2bb37e206a39b04d3122e56480bb61
Red Hat Enterprise Linux for ARM 64 9
SRPM
python3.9-3.9.14-1.el9_1.1.src.rpm
SHA-256: c11c934765b0c011dc21e942a3fb2d6471d9daa41a4debc6516e366db79c4362
aarch64
python-unversioned-command-3.9.14-1.el9_1.1.noarch.rpm
SHA-256: 7c529dc97198c8db0873e30c619fa60888cddadf725a451a633bc77691bc8ee4
python3-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 1b166b734c565113cecfd5081a3ca75d15e21e7e6266c433a3ef90ad2d8d22a5
python3-devel-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 1e9b4b2dcaa718f1f098b15ae9c498e96e8a5211a52a02eb86f43af3dd16ee0d
python3-libs-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 559ee289efb7131658703c240d988f5bb596e0698296e6ec38ef34d240de3942
python3-tkinter-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: b36067b01663006e51f6cf921f9eff59fa7b51250d3c30026daef1234ec8a5f5
python3.9-debuginfo-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 3e0290cd8d123ae25f03bae618adc15839bba473e7fa2dc4171887827acf8759
python3.9-debuginfo-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 3e0290cd8d123ae25f03bae618adc15839bba473e7fa2dc4171887827acf8759
python3.9-debugsource-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: f3a5d800ea0840594aae732e09dc7d886c37b5ff9ee51f42a036d02d0ddc3550
python3.9-debugsource-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: f3a5d800ea0840594aae732e09dc7d886c37b5ff9ee51f42a036d02d0ddc3550
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
ppc64le
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 06182c5645cb4aa08ef98a5e88e97d8b21f7004882fd27fb8b8199c3fa2e9a8f
python3-devel-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 3650e8659613582155afe49d1ce3721db25be5a21ff2079a5e8f94a78ebd9c7b
python3-libs-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: f45169db11d7b4688a79ca23dd037850afa6509c73caaf7606f63595d66a9c02
python3-tkinter-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 87edcbc21dc3a3b1d7a6c5618bb3fabf807c31fd2bd61fbceb13c3b625d4532e
python3.9-debuginfo-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 9e7c445c285f5e730c76500f921dfde70554820aa672745e04d4ebc1431a9927
python3.9-debuginfo-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 9e7c445c285f5e730c76500f921dfde70554820aa672745e04d4ebc1431a9927
python3.9-debugsource-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: e21696ffbe1125631ed262e10cf97b498f2bb37e206a39b04d3122e56480bb61
python3.9-debugsource-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: e21696ffbe1125631ed262e10cf97b498f2bb37e206a39b04d3122e56480bb61
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
x86_64
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 378daa25a78f3884913b67350f868456d3ac02befe1c93097da7ffa057c9e5ee
python3-devel-3.9.10-4.el9_0.i686.rpm
SHA-256: 68f09038d44a1bc86b16ddd22219c51adc89f81d1bfd5cd3c00c4ed33081db44
python3-devel-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 3ccec329c6ca27f3842b425f782299e8a21b5482a69351b5d78dfa891cc1fefd
python3-libs-3.9.10-4.el9_0.i686.rpm
SHA-256: 4312a0dd59a68ac66e79705ea64e8643f59dca728e2006f2946b419e98120be5
python3-libs-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d1d7638c261a20fb661d6ee0814b9a4a8b2022e60fd60230a2f5ed5cf517c6d1
python3-tkinter-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 0bc5705ab94c8cb23f3d37705e0c89871466863db57ada54d1c5e6a0fe12a63b
python3.9-debuginfo-3.9.10-4.el9_0.i686.rpm
SHA-256: fc59b8e1d529a8a6fdebb1ca07ea167c35413727e28adee7264844e15219ec68
python3.9-debuginfo-3.9.10-4.el9_0.i686.rpm
SHA-256: fc59b8e1d529a8a6fdebb1ca07ea167c35413727e28adee7264844e15219ec68
python3.9-debuginfo-3.9.10-4.el9_0.x86_64.rpm
SHA-256: c974acda585534df0b0223821c18b840b1fe6a951a8c62ffa459f6b90d275ba3
python3.9-debuginfo-3.9.10-4.el9_0.x86_64.rpm
SHA-256: c974acda585534df0b0223821c18b840b1fe6a951a8c62ffa459f6b90d275ba3
python3.9-debugsource-3.9.10-4.el9_0.i686.rpm
SHA-256: c8725b152fcc67fb91b5e55e781de6fde8fa5a93cd31b7cb0aafde2ab6fe3986
python3.9-debugsource-3.9.10-4.el9_0.i686.rpm
SHA-256: c8725b152fcc67fb91b5e55e781de6fde8fa5a93cd31b7cb0aafde2ab6fe3986
python3.9-debugsource-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d42045c51f4b0a1fa554c9fdf87b073d0d8aae5815130e9ccef2d6772954a9d8
python3.9-debugsource-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d42045c51f4b0a1fa554c9fdf87b073d0d8aae5815130e9ccef2d6772954a9d8
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
python3-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 5c046397f70325b13f55d6d077a64115266bf0785c83990217510486dc25dc58
python3-debug-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 73939337ae4f79dff6e113ade3763842ae22579fbf10ff0eca40a672f6f25334
python3-debug-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: 70c46fca817a813467199f9471965b201fc71e0a4e9a97ba38deaf449c413d54
python3-idle-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 2b47deba59b3597a08225bfffe3c0f9b13a0d9c194a3af84a5176f9d9ee91277
python3-idle-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: f4f430ed4001f28056fc43d09b2d53b14e7cc55323c523ba34cd46e974c74485
python3-test-3.9.14-1.el9_1.1.i686.rpm
SHA-256: bb2158813a7aa03f7b3d3488e942373c862cd7fd29bb49b2cd40e713307724f5
python3-test-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: fe89b946251a767c4b1d9d7fbf6e25b4c749112af92daf38affecf3d9d2b27c2
python3-tkinter-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 3db6c272007e0091c3fc080f5ddf4d75f2455ae6164d63403a3ef9a15f321cec
python3.9-debuginfo-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4885c28e9024caf5430155440c129eea1cc7abe0364f02bef8bb1de31edf2e6d
python3.9-debuginfo-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: f344277935fb670640fa1294ddc9749bfb76ff27d3f8f7575d826a2b7aa4961c
python3.9-debugsource-3.9.14-1.el9_1.1.i686.rpm
SHA-256: 4401fa455ff940720564d5e0e4d2370f6e7a9e5516ef251247f515492697c104
python3.9-debugsource-3.9.14-1.el9_1.1.x86_64.rpm
SHA-256: cccef2d85d70397048cf272ea4f4a8279513605fa99e656456d0468c6e2c65a9
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
python3-debug-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 804ada3a7eb0cd29bdd16842dcfc6c5ee27e5b8e54d33a62308f098176a3a34f
python3-idle-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: d58af4a3c450b01c118bf1875172cb251690d54332c2c43c705ce826cbb25ab0
python3-test-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 7fb1ebade4723cb89e2349092082d919ead2b6ae01e5026be7a487c8ecf674fd
python3.9-debuginfo-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: 7b64bed1d943abdd76791d238ef043bcb2b9b00206ccbb5ec93307e6326c135f
python3.9-debugsource-3.9.14-1.el9_1.1.ppc64le.rpm
SHA-256: d6d128798758aaff9ecef33c634b20f9f8ba934518e5a44ef82d86194e3b56f5
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
python3-debug-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 2be7f2fa73524934f2cf939bed93f81fa4d538af3c18324e74b656f499a06fac
python3-idle-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 37b2c162d46bf9f2f539ad445bb5f8d84abdc017972fc93b42446e56b7aa28d5
python3-test-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: d9d7c9d58433fbfd6bd5871eacd49b80ba87e7a896a70647e4d381a6cadb411a
python3.9-debuginfo-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: 3e0290cd8d123ae25f03bae618adc15839bba473e7fa2dc4171887827acf8759
python3.9-debugsource-3.9.14-1.el9_1.1.aarch64.rpm
SHA-256: f3a5d800ea0840594aae732e09dc7d886c37b5ff9ee51f42a036d02d0ddc3550
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
python3-debug-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 47c24b5768d70345039106c32f8038f111b433fe1f4904eb830638e2bf56e0c8
python3-idle-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: f5ef19cfd9f9ceda5224f261dbdd5b2421187551ed68009feae08c813f747727
python3-test-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: adbb4f16c312abf4d3cb5b329376391dbfb21a03b025fda58b38345140ff0194
python3.9-debuginfo-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 1585ead391d470039c59f47332d122bc093079165359e418c11a69534dc5173f
python3.9-debugsource-3.9.14-1.el9_1.1.s390x.rpm
SHA-256: 071a3db170f1d7a3f1aee341670565e6666589f1771ded252b39eb8ef6d6a4a3
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
aarch64
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.aarch64.rpm
SHA-256: a984f7d3767b82ebd34f89a2109f48ad13a009c363dbc8837154db6aa8e7d76f
python3-devel-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 8eb7f550f4a854496beaa5365784d29d54b03631b42acb3f25f6162e8eb57673
python3-libs-3.9.10-4.el9_0.aarch64.rpm
SHA-256: dc6bdb5b3efa692dc3f8850b70cd4c9296f9dfd47064e989555483a440c7748a
python3-tkinter-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 330a7a7eb5143a3109dcd115f86211025b2faad516e235ac29095927679bbff4
python3.9-debuginfo-3.9.10-4.el9_0.aarch64.rpm
SHA-256: d047dc5745c4699dbf29178995f0804afa8add4fbaed765b5fe21118ef7d7a35
python3.9-debuginfo-3.9.10-4.el9_0.aarch64.rpm
SHA-256: d047dc5745c4699dbf29178995f0804afa8add4fbaed765b5fe21118ef7d7a35
python3.9-debugsource-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 9a12e1bf8ce0a4f809ded575f4c8672adf799024d3ab3b6eb75907f5b2727640
python3.9-debugsource-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 9a12e1bf8ce0a4f809ded575f4c8672adf799024d3ab3b6eb75907f5b2727640
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0
SRPM
x86_64
python3-3.9.10-4.el9_0.i686.rpm
SHA-256: f9293681a1c53a8eec4ba0504927e63892d5a658d568d5eb0e51d0afc02c06ff
python3-debug-3.9.10-4.el9_0.i686.rpm
SHA-256: 8ab041e750a876e2de798164b9aca8de700d2f01f4224b1b888001ba0e02fa26
python3-debug-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 2f7b91d6fa2fc69702fc53b3bec36603c17bba19303767ef2c024c58c15dc78f
python3-idle-3.9.10-4.el9_0.i686.rpm
SHA-256: 4b99799e9b5d0bb23ddc1f970c6a4d9a10c4fe5b47fbdd0c232e653930db407f
python3-idle-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 9237d10c2bf4c4e4cdcb86ee3f9feb43be31076c997126830e38955e8f780e9c
python3-test-3.9.10-4.el9_0.i686.rpm
SHA-256: d995aa37fd6fd1dc77e60a6897a48d6459ea18b37e1ff972661018b40ef9a549
python3-test-3.9.10-4.el9_0.x86_64.rpm
SHA-256: 8acc15c2bafe00bbbd09070bee819181b73deac6a5f169bd7125b06979f06d5c
python3-tkinter-3.9.10-4.el9_0.i686.rpm
SHA-256: e180ccdda1921b49524ad0e2c720817236a665d220cced35fdb258abb1dad2f8
python3.9-debuginfo-3.9.10-4.el9_0.i686.rpm
SHA-256: fc59b8e1d529a8a6fdebb1ca07ea167c35413727e28adee7264844e15219ec68
python3.9-debuginfo-3.9.10-4.el9_0.x86_64.rpm
SHA-256: c974acda585534df0b0223821c18b840b1fe6a951a8c62ffa459f6b90d275ba3
python3.9-debugsource-3.9.10-4.el9_0.i686.rpm
SHA-256: c8725b152fcc67fb91b5e55e781de6fde8fa5a93cd31b7cb0aafde2ab6fe3986
python3.9-debugsource-3.9.10-4.el9_0.x86_64.rpm
SHA-256: d42045c51f4b0a1fa554c9fdf87b073d0d8aae5815130e9ccef2d6772954a9d8
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0
SRPM
ppc64le
python3-debug-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 26d4b60abc2437f8d10fa788f5ceb700ca12078428fed47ea5f9315bd4925567
python3-idle-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 64f416e773b0766763042882bdf2464bc9793892b289bd2d298a544931500ced
python3-test-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 2237692da27d5bc603ed23bdfcfd5aa16eba397f0cefee6bb0c525ddeaad29f9
python3.9-debuginfo-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: 9e7c445c285f5e730c76500f921dfde70554820aa672745e04d4ebc1431a9927
python3.9-debugsource-3.9.10-4.el9_0.ppc64le.rpm
SHA-256: e21696ffbe1125631ed262e10cf97b498f2bb37e206a39b04d3122e56480bb61
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0
SRPM
s390x
python3-debug-3.9.10-4.el9_0.s390x.rpm
SHA-256: 2056238668fc502136cf1c3036cd4ac45d79f5ab3b591d0dc3b94ae129a761fb
python3-idle-3.9.10-4.el9_0.s390x.rpm
SHA-256: 4ead02eee1f6d01d3986d8a1133d7985c9919b6c0c2b8cbcdaf0ceb164f29232
python3-test-3.9.10-4.el9_0.s390x.rpm
SHA-256: 6b2f3c8857ac7f2bfaae2fd4bfd715d45d495e532c6906532e1f8363f7a5b2a6
python3.9-debuginfo-3.9.10-4.el9_0.s390x.rpm
SHA-256: f03b8a96c6bb97821844af42baea49a087a4363fea3262104daa8a01b9c28d47
python3.9-debugsource-3.9.10-4.el9_0.s390x.rpm
SHA-256: 66f23e3173bd1e9e552825189b07bfee8699ffeb72d7278550ea0ab11e7f0787
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0
SRPM
aarch64
python3-debug-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 77dcb464e1d7749f4e3966a1aeb718dd7992613940d44573a6dca028334892c4
python3-idle-3.9.10-4.el9_0.aarch64.rpm
SHA-256: e0a3d78487f9fb2bd6f96c398e6aca0a31d9e895317a0ac76a1f4622f5752444
python3-test-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 2ab84acfe0adb97b30368cd5cda98d15889249207bc48c278ed0fd062cd9fc07
python3.9-debuginfo-3.9.10-4.el9_0.aarch64.rpm
SHA-256: d047dc5745c4699dbf29178995f0804afa8add4fbaed765b5fe21118ef7d7a35
python3.9-debugsource-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 9a12e1bf8ce0a4f809ded575f4c8672adf799024d3ab3b6eb75907f5b2727640
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
aarch64
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.aarch64.rpm
SHA-256: a984f7d3767b82ebd34f89a2109f48ad13a009c363dbc8837154db6aa8e7d76f
python3-devel-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 8eb7f550f4a854496beaa5365784d29d54b03631b42acb3f25f6162e8eb57673
python3-libs-3.9.10-4.el9_0.aarch64.rpm
SHA-256: dc6bdb5b3efa692dc3f8850b70cd4c9296f9dfd47064e989555483a440c7748a
python3-tkinter-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 330a7a7eb5143a3109dcd115f86211025b2faad516e235ac29095927679bbff4
python3.9-debuginfo-3.9.10-4.el9_0.aarch64.rpm
SHA-256: d047dc5745c4699dbf29178995f0804afa8add4fbaed765b5fe21118ef7d7a35
python3.9-debuginfo-3.9.10-4.el9_0.aarch64.rpm
SHA-256: d047dc5745c4699dbf29178995f0804afa8add4fbaed765b5fe21118ef7d7a35
python3.9-debugsource-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 9a12e1bf8ce0a4f809ded575f4c8672adf799024d3ab3b6eb75907f5b2727640
python3.9-debugsource-3.9.10-4.el9_0.aarch64.rpm
SHA-256: 9a12e1bf8ce0a4f809ded575f4c8672adf799024d3ab3b6eb75907f5b2727640
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0
SRPM
python3.9-3.9.10-4.el9_0.src.rpm
SHA-256: ce1101a2fa58e3764547c8bbe1e9cc189425a6aebfe8826311930f1612883c13
s390x
python-unversioned-command-3.9.10-4.el9_0.noarch.rpm
SHA-256: 76864662f049bde9d743948fcbe465e73e84c692f20807934b1d818795827052
python3-3.9.10-4.el9_0.s390x.rpm
SHA-256: 73d7464023f92d3a8d9ef230a296986aca5c24b04fffec84ba63b0079aefdea3
python3-devel-3.9.10-4.el9_0.s390x.rpm
SHA-256: 99739da6a578c1ec22728eddafe3b61abeda5bf3deddae4bb8f9ce39e6bcffc3
python3-libs-3.9.10-4.el9_0.s390x.rpm
SHA-256: 5a5770a5146a1c13daeb0aab9d1b1a328b008c11898b377e76d8eedc55f2a418
python3-tkinter-3.9.10-4.el9_0.s390x.rpm
SHA-256: ef5bd12f2cd92e6c5092d90f2c6da5061ea73e0f9928ca19d1f04b4b8f4f6393
python3.9-debuginfo-3.9.10-4.el9_0.s390x.rpm
SHA-256: f03b8a96c6bb97821844af42baea49a087a4363fea3262104daa8a01b9c28d47
python3.9-debuginfo-3.9.10-4.el9_0.s390x.rpm
SHA-256: f03b8a96c6bb97821844af42baea49a087a4363fea3262104daa8a01b9c28d47
python3.9-debugsource-3.9.10-4.el9_0.s390x.rpm
SHA-256: 66f23e3173bd1e9e552825189b07bfee8699ffeb72d7278550ea0ab11e7f0787
python3.9-debugsource-3.9.10-4.el9_0.s390x.rpm
SHA-256: 66f23e3173bd1e9e552825189b07bfee8699ffeb72d7278550ea0ab11e7f0787
Related news
Ubuntu Security Notice 6891-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.
Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
Ubuntu Security Notice 5888-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]
Red Hat Security Advisory 2022-8493-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-8492-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Extended Update Support, and Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42919: python: local privilege escalation via the multiprocessing forkserver start method
Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.4, but users would need to make specific uncommo...
Ubuntu Security Notice 5713-1 - Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges.