SUSE update for python3



Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2021-4189
CVE-2022-0391
CWE-ID CWE-918
CWE-93
Exploitation vector Network
Public exploit N/A
Vulnerable software
SUSE Linux Enterprise Server for SAP Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Web Scripting
Operating systems & Components / Operating system

SUSE Linux Enterprise Software Development Kit
Operating systems & Components / Operating system

python3-base-debuginfo-32bit
Operating systems & Components / Operating system package or component

libpython3_4m1_0-debuginfo-32bit
Operating systems & Components / Operating system package or component

libpython3_4m1_0-32bit
Operating systems & Components / Operating system package or component

python3-tk-debuginfo
Operating systems & Components / Operating system package or component

python3-tk
Operating systems & Components / Operating system package or component

python3-curses-debuginfo
Operating systems & Components / Operating system package or component

python3-curses
Operating systems & Components / Operating system package or component

python3-base
Operating systems & Components / Operating system package or component

python3
Operating systems & Components / Operating system package or component

libpython3_4m1_0-debuginfo
Operating systems & Components / Operating system package or component

libpython3_4m1_0
Operating systems & Components / Operating system package or component

python3-devel-debuginfo
Operating systems & Components / Operating system package or component

python3-devel
Operating systems & Components / Operating system package or component

python3-debugsource
Operating systems & Components / Operating system package or component

python3-debuginfo
Operating systems & Components / Operating system package or component

python3-dbm-debuginfo
Operating systems & Components / Operating system package or component

python3-dbm
Operating systems & Components / Operating system package or component

python3-base-debugsource
Operating systems & Components / Operating system package or component

python3-base-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Server-Side Request Forgery (SSRF)

EUVDB-ID: #VU61681

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-4189

CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input in the FTP (File Transfer Protocol) client library when using it in PASV (passive) mode. A remote attacker can set up a malicious FTP server, trick the FTP client in Python into connecting back to a given IP address and port, which can lead to FTP client scanning ports which otherwise would not have been possible.

Mitigation

Update the affected package python3 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications: 12-SP3 - 12-SP5

SUSE Linux Enterprise High Performance Computing: 12

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON - 12-SP5

SUSE Linux Enterprise Module for Web Scripting: 12

SUSE Linux Enterprise Software Development Kit: 12-SP5

python3-base-debuginfo-32bit: before 3.4.10-25.85.1

libpython3_4m1_0-debuginfo-32bit: before 3.4.10-25.85.1

libpython3_4m1_0-32bit: before 3.4.10-25.85.1

python3-tk-debuginfo: before 3.4.10-25.85.2

python3-tk: before 3.4.10-25.85.2

python3-curses-debuginfo: before 3.4.10-25.85.2

python3-curses: before 3.4.10-25.85.2

python3-base: before 3.4.10-25.85.1

python3: before 3.4.10-25.85.2

libpython3_4m1_0-debuginfo: before 3.4.10-25.85.1

libpython3_4m1_0: before 3.4.10-25.85.1

python3-devel-debuginfo: before 3.4.10-25.85.1

python3-devel: before 3.4.10-25.85.1

python3-debugsource: before 3.4.10-25.85.2

python3-debuginfo: before 3.4.10-25.85.2

python3-dbm-debuginfo: before 3.4.10-25.85.2

python3-dbm: before 3.4.10-25.85.2

python3-base-debugsource: before 3.4.10-25.85.1

python3-base-debuginfo: before 3.4.10-25.85.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2022/suse-su-20220882-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) CRLF injection

EUVDB-ID: #VU61675

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-0391

CWE-ID: CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to inject arbitrary data in server response.

The vulnerability exists due to insufficient validation of attacker-supplied data within the urllib.parse module in Python. A remote attacker can pass specially crafted data to the application containing CR-LF characters and modify application behavior.

Mitigation

Update the affected package python3 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications: 12-SP3 - 12-SP5

SUSE Linux Enterprise High Performance Computing: 12

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON - 12-SP5

SUSE Linux Enterprise Module for Web Scripting: 12

SUSE Linux Enterprise Software Development Kit: 12-SP5

python3-base-debuginfo-32bit: before 3.4.10-25.85.1

libpython3_4m1_0-debuginfo-32bit: before 3.4.10-25.85.1

libpython3_4m1_0-32bit: before 3.4.10-25.85.1

python3-tk-debuginfo: before 3.4.10-25.85.2

python3-tk: before 3.4.10-25.85.2

python3-curses-debuginfo: before 3.4.10-25.85.2

python3-curses: before 3.4.10-25.85.2

python3-base: before 3.4.10-25.85.1

python3: before 3.4.10-25.85.2

libpython3_4m1_0-debuginfo: before 3.4.10-25.85.1

libpython3_4m1_0: before 3.4.10-25.85.1

python3-devel-debuginfo: before 3.4.10-25.85.1

python3-devel: before 3.4.10-25.85.1

python3-debugsource: before 3.4.10-25.85.2

python3-debuginfo: before 3.4.10-25.85.2

python3-dbm-debuginfo: before 3.4.10-25.85.2

python3-dbm: before 3.4.10-25.85.2

python3-base-debugsource: before 3.4.10-25.85.1

python3-base-debuginfo: before 3.4.10-25.85.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2022/suse-su-20220882-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###