Описание
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv's app_data and lock file operations to attacker-controlled locations. This issue has been patched in version 20.36.1.
A flaw was found in virtualenv, a tool for creating isolated virtual Python environments. A local attacker can exploit a Time-of-Check-Time-of-Use (TOCTOU) race condition during directory creation operations. By performing symlink-based attacks, the attacker can redirect virtualenv's application data and lock file operations to locations they control. This could lead to information disclosure or data tampering.
Отчет
This vulnerability is rated Moderate for Red Hat. It affects virtualenv and allows a local attacker to perform symlink-based attacks during directory creation. Exploitation requires local access and a race condition, limiting its impact in typical Red Hat deployments.
Меры по смягчению последствий
Given that this vulnerability requires local access and exploits a race condition during directory creation, ensuring that virtualenv operations are performed in trusted and controlled environments can reduce the risk. Limiting the execution of virtualenv by untrusted users or within sandboxed environments can help mitigate potential information disclosure or data tampering.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Lightspeed | openshift-lightspeed/lightspeed-service-api-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/grafana-rhel8 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/istio-cni-rhel8 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/istio-must-gather-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/istio-operator-bundle | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/istio-rhel8-operator | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/pilot-rhel8 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/proxyv2-rhel9 | Fix deferred | ||
| OpenShift Service Mesh 2 | openshift-service-mesh/ratelimit-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/ansible-dev-tools-rhel8 | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
4.5 Medium
CVSS3
Связанные уязвимости
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv's app_data and lock file operations to attacker-controlled locations. This issue has been patched in version 20.36.1.
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv's app_data and lock file operations to attacker-controlled locations. This issue has been patched in version 20.36.1.
virtualenv Has TOCTOU Vulnerabilities in Directory Creation
virtualenv is a tool for creating isolated virtual python environments ...
EPSS
4.5 Medium
CVSS3