CVE-2019-18874Double Free in Project Psutil

CWE-415Double FreeCWE-416Use After Free14 documents9 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 66.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Psutil Project PsutilDebian Python-psutilPaloalto Pan-os+6 more
Timeline
PublishedNov 12
Latest updateApr 10

Description

psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages10 packages

debiandebian/python-psutil< python-psutil 5.6.7-1 (bookworm)
PyPIpsutil_project/psutil< 5.6.6

🔴Vulnerability Details

3
GHSA
Double Free in psutil2020-03-12
OSV
Double Free in psutil2020-03-12
OSV
CVE-2019-18874: psutil (aka python-psutil) through 52019-11-12

📋Vendor Advisories

5
Palo Alto
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS2024-04-10
Ubuntu
psutil vulnerability2019-11-28
Microsoft
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.2019-11-12
Red Hat
python-psutil: Double free because of refcount mishandling2019-11-07
Debian
CVE-2019-18874: python-psutil - psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs bec...2019

💬Community

5
Bugzilla
CVE-2019-18874 python-psutil: double free because of refcount mishandling [epel-all]2019-11-13
Bugzilla
CVE-2019-18874 python-psutil: double free because of refcount mishandling [openstack-rdo]2019-11-13
Bugzilla
CVE-2019-18874 python-psutil: Double free because of refcount mishandling2019-11-13
Bugzilla
CVE-2019-18874 python-psutil: double free because of refcount mishandling [openstack-rdo]2019-11-13
Bugzilla
CVE-2019-18874 python-psutil: double free because of refcount mishandling [fedora-all]2019-11-13