SUSE SLED15: libpython3_10-1_0 / libpython3_10-1_0-32bit / python310 / etc (SUSE-SU-2022:4004-1)

high Nessus Plugin ID 167647

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4004-1 advisory.

Security fixes:

- CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method (bsc#1204886).
- CVE-2022-45061: Fixed a quadratic IDNA decoding time (bsc#1205244).

Other fixes:

- allow building of documentation with the latest Sphinx 5.3.0 (gh#python/cpython#98366).

- Update to 3.10.8:
- Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size.
- Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. (originally filed as CVE-2022-37460, later withdrawn)
- Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit.
- When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message.
- The deprecated mailcap module now refuses to inject unsafe text (filenames, MIME types, parameters) into shell commands. Instead of using such text, it will warn and act as if a match was not found (or for test commands, as if the test failed).
- os.sched_yield() now release the GIL while calling sched_yield(2).
- Bugfix: PyFunction_GetAnnotations() should return a borrowed reference. It was returning a new reference.
- Fixed a missing incref/decref pair in Exception.__setstate__().
- Fix overly-broad source position information for chained comparisons used as branching conditions.
- Fix undefined behaviour in _testcapimodule.c.
- At Python exit, sometimes a thread holding the GIL can wait forever for a thread (usually a daemon thread) which requested to drop the GIL, whereas the thread already exited. To fix the race condition, the thread which requested the GIL drop now resets its request before exiting.
- Fix a possible assertion failure, fatal error, or SystemError if a line tracing event raises an exception while opcode tracing is enabled.
- Fix undefined behaviour in C code of null pointer arithmetic.
- Do not expose KeyWrapper in _functools.
- When loading a file with invalid UTF-8 inside a multi-line string, a correct SyntaxError is emitted.
- Disable incorrect pickling of the C implemented classmethod descriptors.
- Fix AttributeError missing name and obj attributes in .
object.__getattribute__() bpo-42316: Document some places .
where an assignment expression needs parentheses .
- Wrap network errors consistently in urllib FTP support, so the test suite doesnt fail when a network is available but the public internet is not reachable.
- Fixes AttributeError when subprocess.check_output() is used with argument input=None and either of the arguments encoding or errors are used.
- Avoid spurious tracebacks from asyncio when default executor cleanup is delayed until after the event loop is closed (e.g.
as the result of a keyboard interrupt).
- Avoid a crash in the C version of asyncio.Future.remove_done_callback() when an evil argument is passed.
- Remove tokenize.NL check from tabnanny.
- Make Semaphore run faster.
- Fix generation of the default name of tkinter.Checkbutton. Previously, checkbuttons in different parent widgets could have the same short name and share the same state if arguments name and variable are not specified. Now they are globally unique.
- Update bundled libexpat to 2.4.9
- Fix race condition in asyncio where process_exited() called before the pipe_data_received() leading to inconsistent output.
- Fixed check in multiprocessing.resource_tracker that guarantees that the length of a write to a pipe is not greater than PIPE_BUF.
- Corrected type annotation for dataclass attribute pstats.FunctionProfile.ncalls to be str.
- Fix the faulthandler implementation of faulthandler.register(signal, chain=True) if the sigaction() function is not available: dont call the previous signal handler if its NULL.
- In inspect, fix overeager replacement of typing. in formatting annotations.
- Fix asyncio.streams.StreamReaderProtocol to keep a strong reference to the created task, so that its not garbage collected
- Fix handling compiler warnings (SyntaxWarning and DeprecationWarning) in codeop.compile_command() when checking for incomplete input. Previously it emitted warnings and raised a SyntaxError. Now it always returns None for incomplete input without emitting any warnings.
- Fixed flickering of the turtle window when the tracer is turned off.
- Allow asyncio.StreamWriter.drain() to be awaited concurrently by multiple tasks.
- Fix broken asyncio.Semaphore when acquire is cancelled.
- Fix ast.unparse() when ImportFrom.level is None
- Improve performance of urllib.request.getproxies_environment when there are many environment variables
- Fix ! in c domain ref target syntax via a conf.py patch, so it works as intended to disable ref target resolution.
- Clarified the conflicting advice given in the ast documentation about ast.literal_eval() being safe for use on untrusted input while at the same time warning that it can crash the process. The latter statement is true and is deemed unfixable without a large amount of work unsuitable for a bugfix. So we keep the warning and no longer claim that literal_eval is safe.
- Update tutorial introduction output to use 3.10+ SyntaxError invalid range.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1204886

https://bugzilla.suse.com/1205244

https://www.suse.com/security/cve/CVE-2022-42919

https://www.suse.com/security/cve/CVE-2022-45061

http://www.nessus.org/u?f96c8d10

Plugin Details

Severity: High

ID: 167647

File Name: suse_SU-2022-4004-1.nasl

Version: 1.12

Type: Local

Agent: unix

Published: 11/16/2022

Updated: 6/25/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.6

Percentile: 98.67

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-42919

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:python310-dbm, p-cpe:/a:novell:suse_linux:libpython3_10-1_0, p-cpe:/a:novell:suse_linux:python310, p-cpe:/a:novell:suse_linux:python310-devel, p-cpe:/a:novell:suse_linux:python310-curses, p-cpe:/a:novell:suse_linux:python310-tools, p-cpe:/a:novell:suse_linux:python310-tk, p-cpe:/a:novell:suse_linux:python310-idle, p-cpe:/a:novell:suse_linux:python310-base, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/15/2022

Vulnerability Publication Date: 11/7/2022

Reference Information

CVE: CVE-2022-42919, CVE-2022-45061

IAVA: 2022-A-0467-S, 2023-A-0061-S

SuSE: SUSE-SU-2022:4004-1