CVE-2025-4516

Опубликовано: 15 мая 2025

Источник: redhat

CVSS3: 5.1

EPSS Низкий

Описание

There is an issue in CPython when using bytes.decode("unicode_escape", error="ignore|replace"). If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.

A vulnerability has been identified in CPython's bytes.decode() function when used with the "unicode_escape" encoding and the "ignore" or "replace" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality.

Отчет

Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-416: Use After Free vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. Access to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure that only authorized users and roles can execute or modify code. Red Hat also enforces least functionality, enabling only essential features, services, and ports. Hardening guidelines ensure the most restrictive settings required for operations, while baseline configurations enforce safe memory allocation and deallocation practices to reduce the risk of use-after-free vulnerabilities. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code and provide real-time visibility into memory usage, lowering the risk of arbitrary code execution. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of denial-of-service (DoS) attacks. In the event of successful exploitation, process isolation prevents a compromised process from accessing memory freed by another, containing potential impact. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) enhance resilience against memory-related vulnerabilities.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	python3.12	Fix deferred
Red Hat Enterprise Linux 6	python	Out of support scope
Red Hat Enterprise Linux 7	python	Fix deferred
Red Hat Enterprise Linux 7	python3	Fix deferred
Red Hat Enterprise Linux 8	python3	Fix deferred
Red Hat Enterprise Linux 8	python3.11	Fix deferred
Red Hat Enterprise Linux 8	python3.12	Fix deferred
Red Hat Enterprise Linux 8	python36:3.6/python36	Fix deferred
Red Hat Enterprise Linux 8	python39:3.9/python39	Fix deferred
Red Hat Enterprise Linux 8	python39-devel:3.9/python39	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2366509cpython: python: CPython DecodeError Handling Vulnerability

EPSS

Процентиль: 4%

0.00021

Низкий

5.1 Medium

CVSS3

Связанные уязвимости

CVE-2025-4516

ubuntu

3 месяца назад

There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.