oss-sec mailing list archives

CPython: [CVE-2024-6232] Regular-expression DoS when parsing TarFile headers

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 3 Sep 2024 10:35:35 -0700

The CVE record currently says:
 Versions: affected from 0 before 3.13.0rc2

and points to https://github.com/python/cpython/issues/121285 which provides
this slightly expanded description:

"Today the tarfile module parsing of header values allows for backtracking
 when parsing header values. Headers have a well-known format that doesn't
 require backtracking to parse reliably, the new method of parsing will only
 require a single pass over a byte stream."

and has links to pull requests for Python versions 3.8 through 3.13.

-------- Forwarded Message --------

Subject: [Security-announce][CVE-2024-6232] Regular-expression DoS when parsingTarFile headers

Date:   Tue, 3 Sep 2024 07:30:02 -0500
From:   Seth Larson <seth () python org>
Reply-To:       security-sig () python org
To:     security-announce () python org



There is a MEDIUM severity vulnerability affecting CPython.

Regular expressions that allowed excessive backtracking during tarfile.TarFileheader parsing are vulnerable to ReDoS via specifically-crafted tar archives.


Please see the linked CVE ID for the latest information on affected versions:

* https://www.cve.org/CVERecord?id=CVE-2024-6232
* https://github.com/python/cpython/pull/121286

_______________________________________________
Security-announce mailing list -- security-announce () python org
https://mail.python.org/mailman3/lists/security-announce.python.org/

Current thread:

CPython: [CVE-2024-6232] Regular-expression DoS when parsing TarFile headers Alan Coopersmith (Sep 03)