CVE-2022-48564
python: DoS when processing malformed Apple Property List files in binary format
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. In malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-23 CVE Reserved
- 2023-08-22 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2024-08-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html | Mailing List | |
https://security.netapp.com/advisory/ntap-20230929-0009 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://bugs.python.org/issue42103 | 2024-08-03 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2022-48564 | 2024-01-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2249750 | 2024-01-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | < 3.6.13 Search vendor "Python" for product "Python" and version " < 3.6.13" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.7.0 < 3.7.10 Search vendor "Python" for product "Python" and version " >= 3.7.0 < 3.7.10" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.8.0 < 3.8.7 Search vendor "Python" for product "Python" and version " >= 3.8.0 < 3.8.7" | - |
Affected
| ||||||
Python Search vendor "Python" | Python Search vendor "Python" for product "Python" | >= 3.9.0 < 3.9.1 Search vendor "Python" for product "Python" and version " >= 3.9.0 < 3.9.1" | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | windows |
Affected
|