Описание
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
A flaw was found in python-apt. This vulnerability allows a local attacker to cause a denial of service (Denial of Service) (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
Отчет
This vulnerability is rated Low for Red Hat as it requires a local attacker to provide a crafted deb822 file to trigger a NULL pointer dereference in python-apt, leading to a denial of service (process crash). Red Hat products that utilize python-apt and process untrusted deb822 files may be affected.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Дополнительная информация
Статус:
EPSS
4 Medium
CVSS3
Связанные уязвимости
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
NULL pointer dereference in TagSection.keys() in python-apt on APT-bas ...
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
EPSS
4 Medium
CVSS3