CVE-2023-6507
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/12/2023
Last modified:
07/05/2024
Description
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases.<br />
<br />
When using the `extra_groups=` parameter with an empty list as a value (ie `extra_groups=[]`) the logic regressed to not call `setgroups(0, NULL)` before calling `exec()`, thus not dropping the original processes&#39; groups before starting the new process. There is no issue when the parameter isn&#39;t used or when any value is used besides an empty list.<br />
<br />
This issue only impacts CPython processes run with sufficient privilege to make the `setgroups` system call (typically `root`).<br />
<br />
Impact
Base Score 3.x
4.90
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:python:python:3.12.0:-:*:*:*:*:*:* | ||
| cpe:2.3:a:python:python:3.13.0:alpha1:*:*:*:*:*:* | ||
| cpe:2.3:a:python:python:3.13.0:alpha2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b
- https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06
- https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610
- https://github.com/python/cpython/issues/112334
- https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/