PT-2019-6359 · Python+7 · Psutil+7

Riccardo Schirone

Publicado

2019-11-07

Atualizado

2021-11-09

CVE-2019-18874

CVSS v4.0

8.7

Alta

Vetor

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions psutil versions through 5.6.5

Description The issue is related to a double free error in the Psutil library, which is used for tracking computer resources. This error occurs due to incorrect reference count handling when converting system data into a Python object within loops. Exploitation of this issue can allow a remote attacker to cause a denial of service.

Recommendations For psutil versions through 5.6.5, update to a version later than 5.6.5 to resolve the issue.

Correção

Double Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-415

Identificadores relacionados

ALSA-2021:4162

ALSA-2021:4324

ALT-PU-2020-1709

ALT-PU-2020-1771

AZL-6810

BDU:2023-03812

CESA-2021_4162

CESA-2021_4324

CVE-2019-18874

DLA-1998-1

GHSA-QFC5-MCWQ-26Q8

MGASA-2019-0370

OESA-2021-1412

PYSEC-2019-41

RHSA-2020:2583

RHSA-2020:2593

RHSA-2020:2635

RHSA-2020:4299

RHSA-2021:1313

RHSA-2021:4162

RHSA-2021:4324

RHSA-2021_4162

RHSA-2021_4324

RLSA-2021:4162

RLSA-2021:4324

SUSE-RU-2020:2072-1

SUSE-SU-2019:3068-1

SUSE-SU-2020:1901-1

USN-4204-1

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Red Hat

Rocky Linux

Ubuntu

Psutil

PT-2019-6359 · Python+7 · Psutil+7

CVE-2019-18874

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 174