Lucene search

GoogleOSV:PSF-2022-2

HistoryOct 03, 2022 - 4:21 p.m.

Buffer overflow vulnerability in os.symlink on Windows

2022-10-0316:21:59

Google

osv.dev

buffer overflow

python

windows

software foundation

cpython

arbitrary code execution

privilege escalation

vulnerability

symlink

python script

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.6%

JSON

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

CPENameOperatorVersion
cpythoneq2.5a0
cpythoneq1.2b3
cpythoneq3.5.0
cpythoneq3.2.3rc1
cpythoneq2.7.3rc1
cpythoneq3.4.0rc3
cpythoneq1.5a4
cpythoneq2.6.5rc2
cpythoneq3.0b3
cpythoneq3.4.0

Name	Operator	Version
cpython	eq	2.5a0
cpython	eq	1.2b3
cpython	eq	3.5.0
cpython	eq	3.2.3rc1
cpython	eq	2.7.3rc1
cpython	eq	3.4.0rc3
cpython	eq	1.5a4
cpython	eq	2.6.5rc2
cpython	eq	3.0b3
cpython	eq	3.4.0