Amazon Linux AMI : python-simplejson (ALAS-2014-374)

medium Nessus Plugin ID 78317

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

It was reported that Python's built-in _json module has a flaw (insufficient bounds checking) that allows a local user to read arbitrary memory of the current process.

Quoting the upstream bug report :

'The sole prerequisites of this attack are that the attacker is able to control or influence the two parameters of the default scanstring function: the string to be decoded and the index.

The bug is caused by allowing the user to supply a negative index value. The index value is then used directly as an index to an array in the C code; internally the address of the array and its index are added to each other in order to yield the address of the value that is desired. However, by supplying a negative index value and adding this to the address of the array, the processor's register value wraps around and the calculated value will point to a position in memory which isn't within the bounds of the supplied string, causing the function to access other parts of the process memory.'

Solution

Run 'yum update python-simplejson' to update your system.

See Also

https://bugs.python.org/issue21529

https://alas.aws.amazon.com/ALAS-2014-374.html

Plugin Details

Severity: Medium

ID: 78317

File Name: ala_ALAS-2014-374.nasl

Version: 1.6

Type: local

Agent: unix

Published: 10/12/2014

Updated: 11/19/2018

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:python-simplejson, p-cpe:/a:amazon:linux:python-simplejson-debuginfo, cpe:/o:amazon:linux

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 9/19/2014

Reference Information

CVE: CVE-2014-4616

ALAS: 2014-374