Detections
Analytics

SUSE SLES15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2023:0707-1)

critical Nessus Plugin ID 172475

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0707-1 advisory.

 - CVE-2023-24329: Fixed blocklists bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).

 Update to 3.9.16:
 - python -m http.server no longer allows terminal control characters sent within a garbage request to be printed to the stderr server log.
 This is done by changing the http.server BaseHTTPRequestHandler .log_message method to replace control characters with a \xHH hex escape before printing.
 - Avoid publishing list of active per-interpreter audit hooks via the gc module
 - The IDNA codec decoder used on DNS hostnames by socket or asyncio related name resolution functions no longer involves a quadratic algorithm. This prevents a potential CPU denial of service if an out-of-spec excessive length hostname involving bidirectional characters were decoded. Some protocols such as urllib http 3xx redirects potentially allow for an attacker to supply such a name (CVE-2015-20107).
 - Update bundled libexpat to 2.5.0
 - Port XKCPs fix for the buffer overflows in SHA-3 (CVE-2022-37454).
 - On Linux the multiprocessing module returns to using filesystem backed unix domain sockets for communication with the forkserver process instead of the Linux abstract socket namespace. Only code that chooses to use the forkserver start method is affected.
 Abstract sockets have no permissions and could allow any user on the system in the same network namespace (often the whole system) to inject code into the multiprocessing forkserver process. This was a potential privilege escalation. Filesystem based socket permissions restrict this to the forkserver process user as was the default in Python 3.8 and earlier.
 This prevents Linux CVE-2022-42919.
 - The deprecated mailcap module now refuses to inject unsafe text (filenames, MIME types, parameters) into shell commands. Instead of using such text, it will warn and act as if a match was not found (or for test commands, as if the test failed).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1208471

https://www.suse.com/security/cve/CVE-2015-20107

https://www.suse.com/security/cve/CVE-2022-37454

https://www.suse.com/security/cve/CVE-2022-42919

https://www.suse.com/security/cve/CVE-2022-45061

https://www.suse.com/security/cve/CVE-2023-24329

http://www.nessus.org/u?b28eeb2e

Plugin Details

Severity: Critical

ID: 172475

File Name: suse_SU-2023-0707-1.nasl

Version: 1.6

Type: Local

Agent: unix

Published: 3/11/2023

Updated: 6/26/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:C/A:P

CVSS Score Source: CVE-2015-20107

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-37454

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:python39-curses, p-cpe:/a:novell:suse_linux:python39-tk, p-cpe:/a:novell:suse_linux:libpython3_9-1_0, p-cpe:/a:novell:suse_linux:python39-idle, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:python39, p-cpe:/a:novell:suse_linux:python39-devel, p-cpe:/a:novell:suse_linux:python39-tools, p-cpe:/a:novell:suse_linux:python39-base, p-cpe:/a:novell:suse_linux:python39-dbm

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/10/2023

Vulnerability Publication Date: 4/12/2022

Reference Information

CVE: CVE-2015-20107, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061, CVE-2023-24329

IAVA: 2022-A-0467-S, 2023-A-0061-S, 2023-A-0118-S, 2023-A-0283-S

SuSE: SUSE-SU-2023:0707-1