{ "threat_severity" : "Moderate", "public_date" : "2022-11-09T00:00:00Z", "bugzilla" : { "description" : "python: CPU denial of service via inefficient IDNA decoder", "id" : "2144072", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2144072" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-400", "details" : [ "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.", "A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname." ], "statement" : "This is an algorithmic complexity flaw found in Python's idna module. The vulnerability exists in the IDNA decoder, which uses an inefficient quadratic-time algorithm. It is triggered when processing a crafted, unreasonably long hostname supplied by a remote attacker, leading to excessive CPU consumption. This results in a denial of service (DoS) by making the affected application unresponsive, this flaw is rated as moderate because it impacts the availability of the application process rather than the entire system.\nVersions of `python36:3.6/python36` as shipped with Red Hat Enterprise Linux 8 are marked as 'Not affected' as they just provide \"symlinks\" to the main `python3` component, which provides the actual interpreter of the Python programming language.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-02-21T00:00:00Z", "advisory" : "RHSA-2023:0833", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python3-0:3.6.8-48.el8_7.1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2763", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python38:3.8-8080020221221151857.0d9ba776" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2763", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python38-devel:3.8-8080020221221151857.0d9ba776" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2764", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python39:3.9-8080020221221152015.aed85c85" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2764", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python39-devel:3.9-8080020221221152015.aed85c85" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2860", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python27:2.7-8080020221221225124.ba5e661a" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-02-21T00:00:00Z", "advisory" : "RHSA-2023:0833", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "python3-0:3.6.8-48.el8_7.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date" : "2024-01-25T00:00:00Z", "advisory" : "RHSA-2024:0430", "cpe" : "cpe:/a:redhat:rhel_eus:8.6", "package" : "python3-0:3.6.8-47.el8_6.4" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:0953", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "python3.9-0:3.9.14-1.el9_1.2" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:0953", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "python3.9-0:3.9.14-1.el9_1.2" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2023-11-08T00:00:00Z", "advisory" : "RHSA-2023:6793", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-0:3.8.18-2.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "python", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "python", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "python3", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "gimp:flatpak/python2", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "inkscape:flatpak/python2", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "python36:3.6/python36", "cpe" : "cpe:/o:redhat:enterprise_linux:8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-45061\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45061\nhttps://github.com/python/cpython/issues/98433\nhttps://python-security.readthedocs.io/vuln/slow-idna-large-strings.html" ], "name" : "CVE-2022-45061", "csaw" : false }