USN-5713-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5713-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5713-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5713-1
Related
Published
2022-11-03T13:56:06.344745Z
Modified
2022-11-03T13:56:06.344745Z
Summary
python3.10 vulnerability
Details

Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges.

References

Affected packages

Ubuntu:22.04:LTS / python3.10

Package

Name
python3.10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.6-1~22.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libpython3.10": "3.10.6-1~22.04.1",
            "python3.10": "3.10.6-1~22.04.1",
            "libpython3.10-stdlib": "3.10.6-1~22.04.1",
            "python3.10-examples": "3.10.6-1~22.04.1",
            "libpython3.10-dev": "3.10.6-1~22.04.1",
            "python3.10-doc": "3.10.6-1~22.04.1",
            "python3.10-dev": "3.10.6-1~22.04.1",
            "python3.10-nopie": "3.10.6-1~22.04.1",
            "libpython3.10-testsuite": "3.10.6-1~22.04.1",
            "python3.10-venv": "3.10.6-1~22.04.1",
            "libpython3.10-minimal": "3.10.6-1~22.04.1",
            "python3.10-full": "3.10.6-1~22.04.1",
            "idle-python3.10": "3.10.6-1~22.04.1",
            "python3.10-minimal": "3.10.6-1~22.04.1"
        }
    ]
}