USN-5713-1: Python vulnerability
3 November 2022
Python could be made to run programs if it received specially crafted socket connections.
- python3.10 - An interactive high-level object-oriented language
Devin Jeanpierre discovered that Python incorrectly handled sockets when
the multiprocessing module was being used. A local attacker could possibly
use this issue to execute arbitrary code and escalate privileges.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.
- USN-5888-1: libpython3.9, python3.9-full, libpython3.9-dev, libpython3.9-stdlib, python3.9, python3.9-doc, libpython3.9-testsuite, python3.9-examples, idle-python3.9, python3.9-minimal, libpython3.9-minimal, python3.9-venv, python3.9-dev