CVE-2018-1000030Use After Free in Python

CWE-416Use After FreeCWE-787Out-of-bounds WriteCWE-366Race Condition within a Thread10 documents7 sources
Severity
3.6LOWNVD
EPSS
1.6%
top 18.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Debian Python2.7PythonCanonical Ubuntu Linux
Timeline
PublishedFeb 8
Latest updateMay 13

Description

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:LExploitability: 1.0 | Impact: 2.5

Affected Packages2 packages

debiandebian/python2.7< python2.7 2.7.14-5 (bullseye)
NVDpython/python2.7.14

Also affects: Ubuntu Linux 12.04, 14.04, 16.04, 18.04

Patches

Patch: bugs.python.orgPatch: bugs.python.org

🔴Vulnerability Details

3
GHSA
GHSA-rwj4-fxr5-gh64: Python 22022-05-13
OSV
python2.7, python3.4, python3.5 vulnerabilities2018-11-13
OSV
CVE-2018-1000030: Python 22018-02-08

📋Vendor Advisories

4
Ubuntu
Python vulnerabilities2018-11-15
Ubuntu
Python vulnerabilities2018-11-13
Debian
CVE-2018-1000030: python2.7 - Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-Afte...2018
Red Hat
python: Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileobject.c2017-09-20

💬Community

2
Bugzilla
CVE-2018-1000030 python: Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileobject.c [fedora-all]2018-02-02
Bugzilla
CVE-2018-1000030 python: Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileobject.c2018-02-02