CVE-2024-5642

CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
PSFCNA
---
---
CISA-ADPADP
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Debian logo
Debian Releases
Debian Product
Codename
pypy3
bullseye
ignored
bullseye (security)
vulnerable
bookworm
7.3.11+dfsg-2+deb12u3
fixed
trixie
7.3.19+dfsg-2
fixed
forky
7.3.20+dfsg-4
fixed
sid
7.3.20+dfsg-4
fixed
python2.7
bullseye
vulnerable
python3.11
bookworm
3.11.2-6+deb12u6
fixed
bullseye
ignored
bookworm (security)
3.11.2-6+deb12u3
fixed
python3.13
trixie
3.13.5-2
fixed
bullseye
ignored
forky
3.13.9-1
fixed
sid
3.13.9-1
fixed
python3.9
bullseye
vulnerable
bullseye (security)
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python2.7
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
python3.4
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
trusty
needs-triage
python3.5
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
xenial
needed
trusty
needs-triage
python3.6
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
bionic
not-affected
python3.7
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
bionic
not-affected
python3.8
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
not-affected
bionic
not-affected
python3.9
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
needs-triage
python3.10
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
not-affected
focal
dne
python3.11
questing
dne
plucky
dne
oracular
dne
noble
dne
mantic
ignored
jammy
not-affected
focal
dne
python3.12
questing
dne
plucky
dne
oracular
not-affected
noble
not-affected
mantic
ignored
jammy
dne
focal
dne
References
http://www.openwall.com/lists/oss-security/2024/06/28/4
https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e
https://github.com/python/cpython/commit/a2cdbb6e8188ba9ba8b356b28d91bff60e86fe31
https://github.com/python/cpython/issues/121227
https://github.com/python/cpython/pull/23014
https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html
https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/
https://security.netapp.com/advisory/ntap-20240726-0005/
http://www.openwall.com/lists/oss-security/2024/06/28/4
https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e
https://github.com/python/cpython/issues/121227
https://github.com/python/cpython/pull/23014
https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html
https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/
https://security.netapp.com/advisory/ntap-20240726-0005/