Description
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive that causes an infinite loop when it is opened with tarfile.open, because _proc_pax does not validate the pax extended-header records it parses.
Statement
A service is vulnerable if it uses Python's tarfile module to open untrusted tar files. An attacker who can submit a crafted archive to such a service makes the archive parser enter an infinite loop, tying up that process or worker and so causing a denial of service. The tarfile module is part of the Python standard library, so it ships with every python package listed below; no third-party dependency needs to be present.
Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as 'Not affected' because they only provide symlinks to the main python3 component, which provides the actual interpreter of the Python programming language.
Mitigation
This flaw can be mitigated by not opening untrusted files with tarfile. Where a service must accept archives from untrusted sources, treat the unfixed parser as untrusted input handling: reject archives whose pax extended headers are malformed before tarfile sees them, and run the parse in a process or worker that is bounded by a wall-clock timeout so a hung parse cannot block the service.
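The following is an added example written for this page; it is not code from the advisory, from Red Hat, or from CPython. It implements the pre-check suggested above: it walks the raw tar image, finds pax extended headers (typeflag 'x' or 'g') and checks each "length keyword=value\n" record before the archive is handed to tarfile. The case it targets, a record whose declared length is zero and therefore never advances the parser position, is the validation that the upstream fix added to _proc_pax; the other checks (record overrunning the header data, missing newline) are added here as general hygiene. The archive is assumed to arrive as bytes; both sample archives are constructed inline, and the malformed one is never passed to tarfile.open, so the block is safe to run on an unfixed interpreter.

```python
import io
import re
import tarfile

BLOCK = 512                # tar header and data block size
PAX_TYPES = (b"x", b"g")   # pax extended header, pax global header
# A pax record is "%d %s=%s\n": the leading decimal is the length of the
# whole record, counting the length field itself and the trailing newline.
RECORD_RE = re.compile(rb"(\d+) ([^=]+)=")


def _check_pax_records(offset, buf):
    """Walk the records of one pax header body; return a list of problems."""
    problems = []
    pos = 0
    while pos < len(buf):
        match = RECORD_RE.match(buf, pos)
        if match is None:
            problems.append(f"pax header at {offset}: no record at byte {pos}")
            break
        length = int(match.group(1))
        keyword = match.group(2).decode("utf-8", "replace")
        # The shortest legal record is "<digits> <keyword>=\n", i.e. the
        # matched prefix plus the newline. Anything shorter cannot be a
        # record, and length 0 would leave pos unchanged forever.
        minimum = len(match.group(0)) + 1
        if length < minimum:
            problems.append(f"pax header at {offset}: record {keyword!r} "
                            f"declares length {length}, needs at least {minimum}")
            break
        if pos + length > len(buf):
            problems.append(f"pax header at {offset}: record {keyword!r} "
                            f"runs past the end of the header data")
            break
        if buf[pos + length - 1] != 0x0A:
            problems.append(f"pax header at {offset}: record {keyword!r} "
                            f"is not newline terminated")
            break
        pos += length
    return problems


def pax_header_problems(data):
    """Scan a raw (uncompressed) tar image for malformed pax records.

    Returns a list of human-readable problems; an empty list means clean.
    Only octal size fields are handled; a GNU base-256 size is reported
    as unparsable and stops the scan rather than being guessed at.
    """
    problems = []
    offset = 0
    while offset + BLOCK <= len(data):
        header = data[offset:offset + BLOCK]
        if header == b"\0" * BLOCK:
            break                                  # end-of-archive marker
        size_field = header[124:136].strip(b"\0 ")
        try:
            size = int(size_field, 8)
        except ValueError:
            problems.append(f"entry at {offset}: unparsable size {size_field!r}")
            break
        if header[156:157] in PAX_TYPES:
            body = data[offset + BLOCK:offset + BLOCK + size]
            if len(body) != size:
                problems.append(f"pax header at {offset}: truncated archive")
                break
            problems.extend(_check_pax_records(offset, body))
        # skip the header plus the zero-padded data blocks that follow it
        offset += BLOCK + ((size + BLOCK - 1) // BLOCK) * BLOCK
    return problems


def safe_open(data):
    """Validate pax records first, then hand the archive to tarfile."""
    problems = pax_header_problems(data)
    if problems:
        raise ValueError("; ".join(problems))
    return tarfile.open(fileobj=io.BytesIO(data), mode="r:")


def build_sample(pax_headers):
    """Constructed sample: one small member written in pax format; the
    extra pax_headers force tarfile to emit an 'x' extended header."""
    out = io.BytesIO()
    with tarfile.open(fileobj=out, mode="w", format=tarfile.PAX_FORMAT) as tar:
        info = tarfile.TarInfo("hello.txt")
        payload = b"hello\n"
        info.size = len(payload)
        info.pax_headers = dict(pax_headers)
        tar.addfile(info, io.BytesIO(payload))
    return out.getvalue()


BENIGN = build_sample({"comment": "hello"})      # record "17 comment=hello\n"
# Constructed malformed sample: same bytes, but the record's length field is
# overwritten with zero. A parser that advances by the declared length would
# re-read this record forever. Never feed it to tarfile.open on an unfixed
# interpreter; safe_open() rejects it before tarfile sees it.
MALFORMED = BENIGN.replace(b"17 comment=hello\n", b"00 comment=hello\n", 1)

if __name__ == "__main__":
    print("benign:", pax_header_problems(BENIGN), safe_open(BENIGN).getnames())
    print("malformed:", pax_header_problems(MALFORMED))
```

The validator stops at the first problem in a header rather than trying to resynchronise, which is the right behaviour for a gate in front of untrusted input: the goal is to reject, not to recover. On a fixed interpreter the malformed sample is refused by tarfile itself with an error instead of looping; the pre-check still pays for itself there because it gives a specific reason to log and lets the rejection happen before any archive data is touched.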
Affected packages
Platform | Package | State | Errata | Release date |
---|---|---|---|---|
Red Hat Enterprise Linux 5 | python | Out of support scope | | |
Red Hat Enterprise Linux 6 | python | Out of support scope | | |
Red Hat Enterprise Linux 8 | python36:3.6/python36 | Not affected | | |
Red Hat Quay 3 | python27 | Affected | | |
Red Hat Enterprise Linux 7 | python | Fixed | RHSA-2020:5009 | 2020-11-10 |
Red Hat Enterprise Linux 7 | python3 | Fixed | RHSA-2020:5010 | 2020-11-10 |
Red Hat Enterprise Linux 7.4 Advanced Update Support | python | Fixed | RHSA-2021:0761 | 2021-03-09 |
Red Hat Enterprise Linux 7.4 Telco Extended Update Support | python | Fixed | RHSA-2021:0761 | 2021-03-09 |
Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | python | Fixed | RHSA-2021:0761 | 2021-03-09 |
Red Hat Enterprise Linux 7.6 Extended Update Support | python | Fixed | RHSA-2021:0881 | 2021-03-16 |
Additional information
CVSS3: 7.5 High