Local Privilege Escalation in Python Multiprocessing on Linux Systems
CVE-2022-42919

7.8HIGH

Key Information:

Vendor
Python
Status
Python
Vendor
CVE Published:
7 November 2022

Summary

This vulnerability allows local privilege escalation on Linux systems using specific versions of Python (3.9.x prior to 3.9.16 and 3.10.x prior to 3.10.9). The Python multiprocessing library enabled with the forkserver start method may allow deserialization of pickles from any user in the same machine's local network namespace. As a result, malicious users can exploit this flaw to execute arbitrary code, potentially escalating their privileges to that of the user under which any forkserver process operates. This issue is mitigated by setting multiprocessing.util.abstract_sockets_supported to False, although the forkserver method is not the default configuration.

References

https://github.com/python/cpython/issues/97514
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.