Description
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
A constant-time-defeating optimization issue was found in Python. The issue is triggered by sending a specially crafted request and could allow an attacker to obtain sensitive information.
Report
This flaw is classified as Moderate rather than Important because exploiting it is difficult to achieve and the impact is limited to a breach of confidentiality.
Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as 'Not affected' as they just provide "symlinks" to the main python3 component, which provides the interpreter of the Python programming language.

Versions of python39:3.9/python39 and python2 in various modules as shipped with Red Hat Enterprise Linux 8, python3.11/python3.9 as shipped with Red Hat Enterprise Linux 9, and python 3.8.14 as shipped with Red Hat Software Collections are marked as 'Not affected' as they are higher than the vulnerable version, thereby containing the fixed code.
Mitigation measures
As per upstream, either make the accumulator variable result a volatile unsigned char instead of a plain unsigned char, or use CRYPTO_memcmp from OpenSSL/BoringSSL when SSL is available, as the SSL libraries' comparison routines are hardened against timing-based attacks. https://github.com/python/cpython/issues/84968
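The following is an added illustration of the first upstream option (a volatile accumulator), written for this page and not taken from CPython. The function names ct_compare_digest, naive_compare_digest and ct_compare_str are assumptions, and the digest strings in main are constructed sample values, not real MACs. The volatile accumulator prevents the compiler from ending the loop early once a mismatch is known, which is what made the running time depend on the position of the first differing byte; the loop count depends only on the length of the expected digest, so a caller-supplied length mismatch is reported without a data-dependent branch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constant-time digest comparison modelled on the fix described above.
 * Illustrative re-implementation (assumed name), not CPython's own code.
 * The accumulator is volatile so the compiler cannot fold or short-circuit
 * the OR loop; its value is only inspected after every byte has been read. */
int ct_compare_digest(const unsigned char *a, size_t len_a,
                      const unsigned char *b, size_t len_b)
{
    volatile unsigned char result;       /* accumulated XOR of all bytes */
    volatile const unsigned char *left;  /* re-read each iteration */
    const unsigned char *right = b;
    size_t i;

    /* Both `if` statements always execute, so the length check does not
     * leak through a taken/not-taken branch. The loop count depends only
     * on len_b, never on where (or whether) the two inputs differ. */
    if (len_a == len_b) {
        left = a;
        result = 0;
    }
    if (len_a != len_b) {
        left = b;        /* compare b with itself but report a mismatch */
        result = 1;
    }

    for (i = 0; i < len_b; i++) {
        result |= left[i] ^ right[i];
    }
    return result == 0;
}

/* Non-constant-time reference, shown only for contrast: memcmp may stop at
 * the first differing byte, so its running time depends on secret data. */
int naive_compare_digest(const unsigned char *a, size_t len_a,
                         const unsigned char *b, size_t len_b)
{
    if (len_a != len_b) {
        return 0;
    }
    return memcmp(a, b, len_a) == 0;
}

/* Convenience wrapper for NUL-terminated hex digests (assumed name). */
int ct_compare_str(const char *a, const char *b)
{
    return ct_compare_digest((const unsigned char *)a, strlen(a),
                             (const unsigned char *)b, strlen(b));
}

int main(void)
{
    /* Constructed sample values, not real MACs. */
    const char *expected = "3f786850e387550fdab836ed7e6dc881de23001b";
    const char *good     = "3f786850e387550fdab836ed7e6dc881de23001b";
    const char *bad      = "3f786850e387550fdab836ed7e6dc881de23001c";

    printf("matching digest : %d\n", ct_compare_str(expected, good));
    printf("last byte differs: %d\n", ct_compare_str(expected, bad));
    printf("length differs   : %d\n", ct_compare_str(expected, "3f78"));
    return 0;
}
```

Compile with optimisation enabled (for example `-O2`) and inspect the generated loop if you want to confirm that the OR into `result` survives; without `volatile` a compiler is free to turn the accumulation into an early exit, which is exactly the behaviour the upstream report describes.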
Affected packages
| Platform | Package | Status | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | python | Out of support scope | | |
| Red Hat Enterprise Linux 7 | python | Out of support scope | | |
| Red Hat Enterprise Linux 7 | python3 | Out of support scope | | |
| Red Hat Enterprise Linux 8 | gimp:flatpak/python2 | Not affected | | |
| Red Hat Enterprise Linux 8 | inkscape:flatpak/python2 | Not affected | | |
| Red Hat Enterprise Linux 8 | python27:2.7/python2 | Not affected | | |
| Red Hat Enterprise Linux 8 | python3 | Not affected | | |
| Red Hat Enterprise Linux 8 | python3.11 | Not affected | | |
| Red Hat Enterprise Linux 8 | python36:3.6/python36 | Not affected | | |
| Red Hat Enterprise Linux 8 | python39:3.9/python39 | Not affected | | |
Additional information
Status:
EPSS
CVSS3: 5.9 Medium
Related vulnerabilities
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
Vulnerability in the hmac.compare_digest function of the Lib/hmac.py library of the Python programming language interpreter, allowing an attacker to elevate privileges