Pure-Python fallback of socket.socketpair() doesn’t authenticate peer connection
CVE-2024-3219

5.1MEDIUM

Key Information:

Vendor
Python Software Foundation
Status
Cpython
Vendor
CVE Published:
29 July 2024

Summary

The “socket” module provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer.

Platforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.

Affected Version(s)

CPython Windows 0 < 3.8.20

CPython Windows 3.9.0 < 3.9.20

CPython Windows 3.10.0 < 3.10.15

References

https://github.com/python/cpython/pull/122134
patch
https://github.com/python/cpython/issues/122133
issue-tracking
https://mail.python.org/archives/list/security-announce@p...
vendor-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

Credit

Ellie
.