CVE-2025-22153

Publication date 23 January 2025

Last updated 19 March 2025

Ubuntu priority

Medium

Why this priority?

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using `try/except*`, RestrictedPython starting in version 6.0 and prior to version 8.0 could be bypassed. The issue is patched in version 8.0 of RestrictedPython by removing support for `try/except*` clauses. No known workarounds are available.

Status

Package Ubuntu Release Status
restrictedpython 24.10 oracular
Fixed 6.2-1ubuntu0.24.10.1
24.04 LTS noble
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
16.04 LTS xenial
Not affected

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
restrictedpython

References

Related Ubuntu Security Notices (USN)

    • USN-7355-1
    • RestrictedPython vulnerabilities
    • 18 March 2025

Other references