6.1

CVE-2023-6507

EPSS 0.04%
Published 08.12.2023 19:15:08
Last modified 21.11.2024 08:43:59
Source cna@python.org
Teams watchlist Login
Open Login

An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases.

When using the `extra_groups=` parameter with an empty list as a value (ie `extra_groups=[]`) the logic regressed to not call `setgroups(0, NULL)` before calling `exec()`, thus not dropping the original processes' groups before starting the new process. There is no issue when the parameter isn't used or when any value is used besides an empty list.

This issue only impacts CPython processes run with sufficient privilege to make the `setgroups` system call (typically `root`).

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Python ≫ Python Version3.12.0 Update-

Python ≫ Python Version3.13.0 Updatealpha1

Python ≫ Python Version3.13.0 Updatealpha2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.13

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
cna@python.org	6.1	0.9	5.2	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b

https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06

https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610

https://github.com/python/cpython/issues/112334

Patch

Issue Tracking

https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-6507

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6507

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6507

EUVD