
CVE-2014-2667

Published: 16 November 2014

Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.
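
The race window described above, reproduced deterministically with two threads as an added example (not code from CPython or from this advisory). It shows the mode a file receives when another thread creates it while the process-wide umask is temporarily replaced, and that requesting a restrictive mode explicitly removes the dependence on the umask; the function name, file name and the 0o077 application umask are constructed for illustration.

```python
import os
import stat
import tempfile
import threading


def mode_created_during_probe(probe_mask, create_mode=0o666, real_umask=0o077):
    """Permission bits of a file that a second thread creates while the first
    thread sits between its two os.umask() calls (the race window)."""
    in_window = threading.Event()   # probe thread has swapped the umask
    file_made = threading.Event()   # writer thread has created its file
    saved = os.umask(real_umask)    # umask the application means to run with
    try:
        with tempfile.TemporaryDirectory() as tmp:
            path = os.path.join(tmp, "report.txt")

            def probe():
                # umask can only be read by setting it, so the probe has to
                # change the process-wide value and then put it back.
                old = os.umask(probe_mask)
                in_window.set()
                file_made.wait(5)   # hold the window open so the demo is deterministic
                os.umask(old)

            def writer():
                in_window.wait(5)
                fd = os.open(path, os.O_CREAT | os.O_EXCL | os.O_WRONLY, create_mode)
                os.close(fd)
                file_made.set()

            threads = [threading.Thread(target=probe), threading.Thread(target=writer)]
            for t in threads:
                t.start()
            for t in threads:
                t.join()
            return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(saved)


if __name__ == "__main__":
    for mask in (0o000, 0o022, 0o077):
        print(f"probe umask {mask:03o}: file mode {mode_created_during_probe(mask):03o}")
    # Mitigation on the application side: request a restrictive mode explicitly.
    print(f"explicit 0600: file mode {mode_created_during_probe(0, create_mode=0o600):03o}")
```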

Notes

Author Note
seth-arnold
The upstream patch uses umask(0022) instead of umask(0) -- which
seems as bad as the original behaviour. We should see if there is an updated
patch when we prepare our packages that replaces the bad code.
mdeslaur
introduced by the fix for http://bugs.python.org/issue9299
upstream committed a better fix than the proposed one in the bug
but it now changes behaviour
Priority

Low

Status

Package Release Status
python2.7
artful Not vulnerable

bionic Not vulnerable

cosmic Not vulnerable

lucid Does not exist

precise Not vulnerable

quantal Not vulnerable

saucy Not vulnerable

trusty Not vulnerable

upstream Not vulnerable

utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

python3.2
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Does not exist

precise Does not exist
(precise was needed)
quantal Ignored
(reached end-of-life)
saucy Does not exist

trusty Does not exist

upstream Needed

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

Patches:
upstream: http://hg.python.org/cpython/rev/9186f4a18584e

python3.4
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Released
(3.4.3-1ubuntu1~14.04)
upstream Needed

utopic Not vulnerable
(3.4.2-1)
vivid Not vulnerable
(3.4.3-3)
wily Not vulnerable
(3.4.3-7)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

Patches:

upstream: http://hg.python.org/cpython/rev/c24dd53ab4b9