UBUNTU-CVE-2024-3219

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2024-3219

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-3219

Withdrawn

2025-06-23T15:57:34Z

Published

2024-07-29T22:15:00Z

Modified

2024-07-29T22:15:00Z

Summary

[none]

Details

There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AFUNIX, such as Windows. This pure-Python implementation uses AFINET or AFINET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer. Platforms that support AFUNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.

References

Affected packages

Ubuntu:20.04:LTS

python2.7

Package

Name: python2.7
Purl: pkg:deb/ubuntu/python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.17~rc1-1

2.7.17-1

2.7.17-1ubuntu5

2.7.17-1ubuntu6

2.7.18~rc1-2

2.7.18-1~20.04

2.7.18-1~20.04.1

2.7.18-1~20.04.3

2.7.18-1~20.04.4

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.8

Package

Name: python3.8
Purl: pkg:deb/ubuntu/python3.8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.8.0-1

3.8.0-2

3.8.0-3

3.8.0-4

3.8.0-5

3.8.1-2ubuntu3

3.8.2~rc1-1ubuntu1

3.8.2-1

3.8.2-1ubuntu1

3.8.2-1ubuntu1.1

3.8.2-1ubuntu1.2

3.8.5-1~20.04

3.8.5-1~20.04.2

3.8.5-1~20.04.3

3.8.10-0ubuntu1~20.04

3.8.10-0ubuntu1~20.04.1

3.8.10-0ubuntu1~20.04.2

3.8.10-0ubuntu1~20.04.4

3.8.10-0ubuntu1~20.04.5

3.8.10-0ubuntu1~20.04.6

3.8.10-0ubuntu1~20.04.7

3.8.10-0ubuntu1~20.04.8

3.8.10-0ubuntu1~20.04.9

3.8.10-0ubuntu1~20.04.10

3.8.10-0ubuntu1~20.04.11

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.9

Package

Name: python3.9
Purl: pkg:deb/ubuntu/python3.9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.9.0~rc1-1~20.04

3.9.0-5~20.04

3.9.5-3~20.04.1

3.9.5-3ubuntu0~20.04.1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

Ubuntu:22.04:LTS

python2.7

Package

Name: python2.7
Purl: pkg:deb/ubuntu/python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.18-8build1

2.7.18-13

2.7.18-13ubuntu1

2.7.18-13ubuntu1.1

2.7.18-13ubuntu1.2

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.10

Package

Name: python3.10
Purl: pkg:deb/ubuntu/python3.10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.10.0-2

3.10.0-3

3.10.0-4

3.10.0-5

3.10.0-5build1

3.10.1-1

3.10.1-2

3.10.2-1

3.10.2-5

3.10.2-7

3.10.3-1

3.10.4-3

3.10.4-3ubuntu0.1

3.10.6-1~22.04

3.10.6-1~22.04.1

3.10.6-1~22.04.2

3.10.6-1~22.04.2ubuntu1

3.10.6-1~22.04.2ubuntu1.1

3.10.12-1~22.04.2

3.10.12-1~22.04.3

3.10.12-1~22.04.4

3.10.12-1~22.04.5

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.11

Package

Name: python3.11
Purl: pkg:deb/ubuntu/python3.11

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.11.0~rc1-1~22.04

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

Ubuntu:24.04:LTS

python3.12

Package

Name: python3.12
Purl: pkg:deb/ubuntu/python3.12

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.12.0-1

3.12.0-5

3.12.0-6

3.12.0-7

3.12.1-2

3.12.2-1

3.12.2-4build3

3.12.2-4build4

3.12.2-5ubuntu3

3.12.3-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

Ubuntu:Pro:14.04:LTS

python2.7

Package

Name: python2.7
Purl: pkg:deb/ubuntu/python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.5-8ubuntu3

2.7.5-8ubuntu4

2.7.6-2

2.7.6-2ubuntu1

2.7.6-3

2.7.6-3ubuntu1

2.7.6-4

2.7.6-4ubuntu1

2.7.6-5

2.7.6-7

2.7.6-8

2.7.6-8ubuntu0.2

2.7.6-8ubuntu0.3

2.7.6-8ubuntu0.4

2.7.6-8ubuntu0.5

2.7.6-8ubuntu0.6+esm2

2.7.6-8ubuntu0.6+esm3

2.7.6-8ubuntu0.6+esm5

2.7.6-8ubuntu0.6+esm6

2.7.6-8ubuntu0.6+esm7

2.7.6-8ubuntu0.6+esm8

2.7.6-8ubuntu0.6+esm9

2.7.6-8ubuntu0.6+esm10

2.7.6-8ubuntu0.6+esm11

2.7.6-8ubuntu0.6+esm12

2.7.6-8ubuntu0.6+esm13

2.7.6-8ubuntu0.6+esm14

2.7.6-8ubuntu0.6+esm15

2.7.6-8ubuntu0.6+esm16

2.7.6-8ubuntu0.6+esm17

2.7.6-8ubuntu0.6+esm18

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.4

Package

Name: python3.4
Purl: pkg:deb/ubuntu/python3.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.4~b1-0ubuntu3

3.4~b1-4ubuntu4

3.4~b1-4ubuntu6

3.4~b1-5ubuntu2

3.4~b2-1

3.4~b3-1ubuntu1

3.4~rc1-1build1

3.4~rc2-1

3.4~rc3-0ubuntu1

3.4.0-1

3.4.0-2ubuntu1

3.4.0-2ubuntu1.1

3.4.3-1ubuntu1~14.04.1

3.4.3-1ubuntu1~14.04.3

3.4.3-1ubuntu1~14.04.4

3.4.3-1ubuntu1~14.04.5

3.4.3-1ubuntu1~14.04.6

3.4.3-1ubuntu1~14.04.7

3.4.3-1ubuntu1~14.04.7+esm2

3.4.3-1ubuntu1~14.04.7+esm4

3.4.3-1ubuntu1~14.04.7+esm6

3.4.3-1ubuntu1~14.04.7+esm7

3.4.3-1ubuntu1~14.04.7+esm8

3.4.3-1ubuntu1~14.04.7+esm10

3.4.3-1ubuntu1~14.04.7+esm11

3.4.3-1ubuntu1~14.04.7+esm12

3.4.3-1ubuntu1~14.04.7+esm13

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.5

Package

Name: python3.5
Purl: pkg:deb/ubuntu/python3.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.5.2-2ubuntu0~16.04.4~14.04.1

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

Ubuntu:Pro:16.04:LTS

python2.7

Package

Name: python2.7
Purl: pkg:deb/ubuntu/python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.10-4ubuntu1

2.7.10-4ubuntu2

2.7.11-2

2.7.11-3

2.7.11-4

2.7.11-6

2.7.11-7

2.7.11-7ubuntu1

2.7.12-1~16.04

2.7.12-1ubuntu0~16.04.1

2.7.12-1ubuntu0~16.04.2

2.7.12-1ubuntu0~16.04.3

2.7.12-1ubuntu0~16.04.4

2.7.12-1ubuntu0~16.04.8

2.7.12-1ubuntu0~16.04.9

2.7.12-1ubuntu0~16.04.11

2.7.12-1ubuntu0~16.04.12

2.7.12-1ubuntu0~16.04.13

2.7.12-1ubuntu0~16.04.14

2.7.12-1ubuntu0~16.04.16

2.7.12-1ubuntu0~16.04.18

2.7.12-1ubuntu0~16.04.18+esm1

2.7.12-1ubuntu0~16.04.18+esm2

2.7.12-1ubuntu0~16.04.18+esm3

2.7.12-1ubuntu0~16.04.18+esm4

2.7.12-1ubuntu0~16.04.18+esm5

2.7.12-1ubuntu0~16.04.18+esm6

2.7.12-1ubuntu0~16.04.18+esm7

2.7.12-1ubuntu0~16.04.18+esm8

2.7.12-1ubuntu0~16.04.18+esm9

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.5

Package

Name: python3.5
Purl: pkg:deb/ubuntu/python3.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.5.0-3

3.5.0-3ubuntu1

3.5.1~rc1-2ubuntu1

3.5.1-1

3.5.1-2

3.5.1-3

3.5.1-5

3.5.1-6ubuntu1

3.5.1-6ubuntu2

3.5.1-9ubuntu1

3.5.1-10

3.5.2-2~16.01

3.5.2-2~16.04

3.5.2-2ubuntu0~16.04.1

3.5.2-2ubuntu0~16.04.2

3.5.2-2ubuntu0~16.04.3

3.5.2-2ubuntu0~16.04.4

3.5.2-2ubuntu0~16.04.5

3.5.2-2ubuntu0~16.04.8

3.5.2-2ubuntu0~16.04.9

3.5.2-2ubuntu0~16.04.10

3.5.2-2ubuntu0~16.04.11

3.5.2-2ubuntu0~16.04.12

3.5.2-2ubuntu0~16.04.13

3.5.2-2ubuntu0~16.04.13+esm1

3.5.2-2ubuntu0~16.04.13+esm2

3.5.2-2ubuntu0~16.04.13+esm3

3.5.2-2ubuntu0~16.04.13+esm5

3.5.2-2ubuntu0~16.04.13+esm6

3.5.2-2ubuntu0~16.04.13+esm7

3.5.2-2ubuntu0~16.04.13+esm8

3.5.2-2ubuntu0~16.04.13+esm9

3.5.2-2ubuntu0~16.04.13+esm10

3.5.2-2ubuntu0~16.04.13+esm11

3.5.2-2ubuntu0~16.04.13+esm12

3.5.2-2ubuntu0~16.04.13+esm13

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

Ubuntu:Pro:18.04:LTS

python2.7

Package

Name: python2.7
Purl: pkg:deb/ubuntu/python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.14-2ubuntu2

2.7.14-4

2.7.14-6

2.7.14-7

2.7.14-8

2.7.15~rc1-1

2.7.15~rc1-1ubuntu0.1

2.7.15-4ubuntu4~18.04

2.7.15-4ubuntu4~18.04.1

2.7.15-4ubuntu4~18.04.2

2.7.17-1~18.04

2.7.17-1~18.04ubuntu1

2.7.17-1~18.04ubuntu1.1

2.7.17-1~18.04ubuntu1.2

2.7.17-1~18.04ubuntu1.3

2.7.17-1~18.04ubuntu1.5

2.7.17-1~18.04ubuntu1.6

2.7.17-1~18.04ubuntu1.7

2.7.17-1~18.04ubuntu1.8

2.7.17-1~18.04ubuntu1.10

2.7.17-1~18.04ubuntu1.11

2.7.17-1~18.04ubuntu1.13

2.7.17-1~18.04ubuntu1.13+esm1

2.7.17-1~18.04ubuntu1.13+esm2

2.7.17-1~18.04ubuntu1.13+esm3

2.7.17-1~18.04ubuntu1.13+esm4

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.6

Package

Name: python3.6
Purl: pkg:deb/ubuntu/python3.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.3-1ubuntu1

3.6.4~rc1-1

3.6.4~rc1-2

3.6.4-1

3.6.4-2

3.6.4-3build1

3.6.4-4

3.6.5~rc1-1

3.6.5-3

3.6.6-1~18.04

3.6.7-1~18.04

3.6.8-1~18.04.1

3.6.8-1~18.04.2

3.6.8-1~18.04.3

3.6.9-1~18.04

3.6.9-1~18.04ubuntu1

3.6.9-1~18.04ubuntu1.1

3.6.9-1~18.04ubuntu1.3

3.6.9-1~18.04ubuntu1.4

3.6.9-1~18.04ubuntu1.6

3.6.9-1~18.04ubuntu1.7

3.6.9-1~18.04ubuntu1.8

3.6.9-1~18.04ubuntu1.9

3.6.9-1~18.04ubuntu1.10

3.6.9-1~18.04ubuntu1.12

3.6.9-1~18.04ubuntu1.13

3.6.9-1~18.04ubuntu1.13+esm1

3.6.9-1~18.04ubuntu1.13+esm2

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.7

Package

Name: python3.7
Purl: pkg:deb/ubuntu/python3.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.7.0~a2-1

3.7.0~a3-1

3.7.0~a3-2

3.7.0~a3-3

3.7.0~a4-1

3.7.0~b1-1

3.7.0~b1-1build1

3.7.0~b2-1

3.7.0~b3-1

3.7.0-1~18.04

3.7.1-1~18.04

3.7.3-2~18.04.1

3.7.5-2~18.04

3.7.5-2~18.04.4

3.7.5-2ubuntu1~18.04.2

3.7.5-2ubuntu1~18.04.2+esm1

3.7.5-2ubuntu1~18.04.2+esm2

3.7.5-2ubuntu1~18.04.2+esm3

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"

python3.8

Package

Name: python3.8
Purl: pkg:deb/ubuntu/python3.8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.8.0-3~18.04

3.8.0-3~18.04.1

3.8.0-3ubuntu1~18.04.2

3.8.0-3ubuntu1~18.04.2+esm1

3.8.0-3ubuntu1~18.04.2+esm2

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-3219.json"