SB2024090915 - Insecure temporary file in Python for Windows

Description

This security bulletin contains information about 1 security vulnerability.

1) Creation of Temporary File With Insecure Permissions (CVE-ID: CVE-2024-4030)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users instead usually inheriting the correct permissions from the default location. A local user can gain access to potentially sensitive information stored in temporary files.

Successful exploitation of the vulnerability requires that an alternate configuration or users without a profile directory.

Remediation

Install update from vendor's website.

References

• https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/
• https://github.com/python/cpython/issues/118486
• https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e
• https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d
• https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a
• https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd
• https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee
• https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e
• https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee
• https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca
• https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d
• https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84
• https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763
• https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46