Fluid Attacks Database

Description

Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	python3.13	>=0 <3.13.1-2	3.13.1-2
alpine v3.20	python3	=3.1.3-r0 \|\| =3.10.0-r0 \|\| =3.10.0-r1 \|\| =3.10.1-r0 \|\| =3.10.2-r0 \|\| =3.10.2-r1 \|\| =3.10.3-r0 \|\| =3.10.3-r1 \|\| =3.10.4-r0 \|\| =3.10.5-r0 \|\| =3.10.5-r1 \|\| =3.10.5-r2 \|\| =3.10.6-r0 \|\| =3.10.6-r1 \|\| =3.10.7-r0 \|\| =3.10.8-r0 \|\| =3.10.8-r1 \|\| =3.10.8-r2 \|\| =3.10.8-r3 \|\| =3.11.0-r0 \|\| =3.11.0-r1 \|\| =3.11.0-r2 \|\| =3.11.1-r0 \|\| =3.11.1-r1 \|\| =3.11.1-r2 \|\| =3.11.1-r3 \|\| =3.11.1-r4 \|\| =3.11.2-r0 \|\| =3.11.3-r0 \|\| =3.11.3-r1 \|\| =3.11.3-r10 \|\| =3.11.3-r11 \|\| =3.11.3-r2 \|\| =3.11.3-r3 \|\| =3.11.3-r4 \|\| =3.11.3-r5 \|\| =3.11.3-r6 \|\| =3.11.3-r7 \|\| =3.11.3-r8 \|\| =3.11.3-r9 \|\| =3.11.4-r0 \|\| =3.11.4-r1 \|\| =3.11.4-r2 \|\| =3.11.4-r3 \|\| =3.11.4-r4 \|\| =3.11.5-r0 \|\| =3.11.6-r0 \|\| =3.11.6-r1 \|\| =3.11.6-r2 \|\| =3.11.7-r0 \|\| =3.11.7-r1 \|\| =3.11.8-r0 \|\| =3.12.2-r0 \|\| =3.12.2-r1 \|\| =3.12.3-r0 \|\| =3.12.3-r1 \|\| =3.12.3-r2 \|\| =3.12.6-r0 \|\| =3.12.7-r0 \|\| =3.12.8-r0 \|\| =3.2.0-r0 \|\| =3.2.3-r0 \|\| =3.3.0-r0 \|\| =3.3.2-r0 \|\| =3.3.3-r0 \|\| =3.3.4-r0 \|\| =3.4.1-r0 \|\| =3.4.2-r0 \|\| =3.4.2-r1 \|\| =3.4.3-r1 \|\| =3.4.3-r2 \|\| =3.5.0-r0 \|\| =3.5.1-r0 \|\| =3.5.1-r1 \|\| =3.5.1-r2 \|\| =3.5.1-r3 \|\| =3.5.2-r0 \|\| =3.5.2-r1 \|\| =3.5.2-r10 \|\| =3.5.2-r2 \|\| =3.5.2-r3 \|\| =3.5.2-r4 \|\| =3.5.2-r5 \|\| =3.5.2-r6 \|\| =3.5.2-r7 \|\| =3.5.2-r8 \|\| =3.5.2-r9 \|\| =3.6.0-r0 \|\| =3.6.1-r0 \|\| =3.6.1-r1 \|\| =3.6.1-r2 \|\| =3.6.1-r3 \|\| =3.6.1-r4 \|\| =3.6.2-r0 \|\| =3.6.2-r1 \|\| =3.6.2-r2 \|\| =3.6.2-r3 \|\| =3.6.3-r3 \|\| =3.6.3-r4 \|\| =3.6.3-r5 \|\| =3.6.3-r6 \|\| =3.6.3-r7 \|\| =3.6.3-r8 \|\| =3.6.3-r9 \|\| =3.6.4-r0 \|\| =3.6.4-r1 \|\| =3.6.6-r0 \|\| =3.6.6-r1 \|\| =3.6.6-r2 \|\| =3.6.6-r3 \|\| =3.6.7-r0 \|\| =3.6.8-r0 \|\| =3.6.8-r1 \|\| =3.6.8-r2 \|\| =3.7.2-r0 \|\| =3.7.3-r0 \|\| =3.7.3-r1 \|\| =3.7.4-r0 \|\| =3.7.5-r0 \|\| =3.7.5-r1 \|\| =3.8.0-r0 \|\| =3.8.1-r0 \|\| =3.8.1-r1 \|\| =3.8.1-r2 \|\| =3.8.1-r3 \|\| =3.8.2-r0 \|\| =3.8.2-r1 \|\| =3.8.2-r2 \|\| =3.8.2-r3 \|\| =3.8.2-r4 \|\| =3.8.2-r5 \|\| =3.8.2-r6 \|\| =3.8.2-r7 \|\| =3.8.3-r0 \|\| =3.8.4-r0 \|\| =3.8.5-r0 \|\| =3.8.5-r1 \|\| =3.8.5-r2 \|\| =3.8.6-r0 \|\| =3.8.7-r0 \|\| =3.8.7-r1 \|\| =3.8.7-r2 \|\| =3.8.7-r3 \|\| =3.8.8-r0 \|\| =3.9.1-r0 \|\| =3.9.2-r0 \|\| =3.9.4-r0 \|\| =3.9.5-r0 \|\| =3.9.5-r1 \|\| =3.9.6-r0 \|\| =3.9.6-r1 \|\| =3.9.6-r2 \|\| =3.9.7-r2 \|\| =3.9.7-r3 \|\| =3.9.7-r4 \|\| >=0 <3.12.8-r1	3.12.8-r1
alpine v3.22	python3	=3.1.3-r0 \|\| =3.10.0-r0 \|\| =3.10.0-r1 \|\| =3.10.1-r0 \|\| =3.10.2-r0 \|\| =3.10.2-r1 \|\| =3.10.3-r0 \|\| =3.10.3-r1 \|\| =3.10.4-r0 \|\| =3.10.5-r0 \|\| =3.10.5-r1 \|\| =3.10.5-r2 \|\| =3.10.6-r0 \|\| =3.10.6-r1 \|\| =3.10.7-r0 \|\| =3.10.8-r0 \|\| =3.10.8-r1 \|\| =3.10.8-r2 \|\| =3.10.8-r3 \|\| =3.11.0-r0 \|\| =3.11.0-r1 \|\| =3.11.0-r2 \|\| =3.11.1-r0 \|\| =3.11.1-r1 \|\| =3.11.1-r2 \|\| =3.11.1-r3 \|\| =3.11.1-r4 \|\| =3.11.2-r0 \|\| =3.11.3-r0 \|\| =3.11.3-r1 \|\| =3.11.3-r10 \|\| =3.11.3-r11 \|\| =3.11.3-r2 \|\| =3.11.3-r3 \|\| =3.11.3-r4 \|\| =3.11.3-r5 \|\| =3.11.3-r6 \|\| =3.11.3-r7 \|\| =3.11.3-r8 \|\| =3.11.3-r9 \|\| =3.11.4-r0 \|\| =3.11.4-r1 \|\| =3.11.4-r2 \|\| =3.11.4-r3 \|\| =3.11.4-r4 \|\| =3.11.5-r0 \|\| =3.11.6-r0 \|\| =3.11.6-r1 \|\| =3.11.6-r2 \|\| =3.11.7-r0 \|\| =3.11.7-r1 \|\| =3.11.8-r0 \|\| =3.12.2-r0 \|\| =3.12.2-r1 \|\| =3.12.3-r0 \|\| =3.12.3-r1 \|\| =3.12.4-r0 \|\| =3.12.5-r0 \|\| =3.12.5-r1 \|\| =3.12.6-r0 \|\| =3.12.7-r0 \|\| =3.12.7-r1 \|\| =3.12.8-r0 \|\| =3.2.0-r0 \|\| =3.2.3-r0 \|\| =3.3.0-r0 \|\| =3.3.2-r0 \|\| =3.3.3-r0 \|\| =3.3.4-r0 \|\| =3.4.1-r0 \|\| =3.4.2-r0 \|\| =3.4.2-r1 \|\| =3.4.3-r1 \|\| =3.4.3-r2 \|\| =3.5.0-r0 \|\| =3.5.1-r0 \|\| =3.5.1-r1 \|\| =3.5.1-r2 \|\| =3.5.1-r3 \|\| =3.5.2-r0 \|\| =3.5.2-r1 \|\| =3.5.2-r10 \|\| =3.5.2-r2 \|\| =3.5.2-r3 \|\| =3.5.2-r4 \|\| =3.5.2-r5 \|\| =3.5.2-r6 \|\| =3.5.2-r7 \|\| =3.5.2-r8 \|\| =3.5.2-r9 \|\| =3.6.0-r0 \|\| =3.6.1-r0 \|\| =3.6.1-r1 \|\| =3.6.1-r2 \|\| =3.6.1-r3 \|\| =3.6.1-r4 \|\| =3.6.2-r0 \|\| =3.6.2-r1 \|\| =3.6.2-r2 \|\| =3.6.2-r3 \|\| =3.6.3-r3 \|\| =3.6.3-r4 \|\| =3.6.3-r5 \|\| =3.6.3-r6 \|\| =3.6.3-r7 \|\| =3.6.3-r8 \|\| =3.6.3-r9 \|\| =3.6.4-r0 \|\| =3.6.4-r1 \|\| =3.6.6-r0 \|\| =3.6.6-r1 \|\| =3.6.6-r2 \|\| =3.6.6-r3 \|\| =3.6.7-r0 \|\| =3.6.8-r0 \|\| =3.6.8-r1 \|\| =3.6.8-r2 \|\| =3.7.2-r0 \|\| =3.7.3-r0 \|\| =3.7.3-r1 \|\| =3.7.4-r0 \|\| =3.7.5-r0 \|\| =3.7.5-r1 \|\| =3.8.0-r0 \|\| =3.8.1-r0 \|\| =3.8.1-r1 \|\| =3.8.1-r2 \|\| =3.8.1-r3 \|\| =3.8.2-r0 \|\| =3.8.2-r1 \|\| =3.8.2-r2 \|\| =3.8.2-r3 \|\| =3.8.2-r4 \|\| =3.8.2-r5 \|\| =3.8.2-r6 \|\| =3.8.2-r7 \|\| =3.8.3-r0 \|\| =3.8.4-r0 \|\| =3.8.5-r0 \|\| =3.8.5-r1 \|\| =3.8.5-r2 \|\| =3.8.6-r0 \|\| =3.8.7-r0 \|\| =3.8.7-r1 \|\| =3.8.7-r2 \|\| =3.8.7-r3 \|\| =3.8.8-r0 \|\| =3.9.1-r0 \|\| =3.9.2-r0 \|\| =3.9.4-r0 \|\| =3.9.5-r0 \|\| =3.9.5-r1 \|\| =3.9.6-r0 \|\| =3.9.6-r1 \|\| =3.9.6-r2 \|\| =3.9.7-r2 \|\| =3.9.7-r3 \|\| =3.9.7-r4 \|\| >=0 <3.12.8-r1	3.12.8-r1
debian 14	python3.13	>=0 <3.13.1-2	3.13.1-2
alpine v3.21	python3	=3.1.3-r0 \|\| =3.10.0-r0 \|\| =3.10.0-r1 \|\| =3.10.1-r0 \|\| =3.10.2-r0 \|\| =3.10.2-r1 \|\| =3.10.3-r0 \|\| =3.10.3-r1 \|\| =3.10.4-r0 \|\| =3.10.5-r0 \|\| =3.10.5-r1 \|\| =3.10.5-r2 \|\| =3.10.6-r0 \|\| =3.10.6-r1 \|\| =3.10.7-r0 \|\| =3.10.8-r0 \|\| =3.10.8-r1 \|\| =3.10.8-r2 \|\| =3.10.8-r3 \|\| =3.11.0-r0 \|\| =3.11.0-r1 \|\| =3.11.0-r2 \|\| =3.11.1-r0 \|\| =3.11.1-r1 \|\| =3.11.1-r2 \|\| =3.11.1-r3 \|\| =3.11.1-r4 \|\| =3.11.2-r0 \|\| =3.11.3-r0 \|\| =3.11.3-r1 \|\| =3.11.3-r10 \|\| =3.11.3-r11 \|\| =3.11.3-r2 \|\| =3.11.3-r3 \|\| =3.11.3-r4 \|\| =3.11.3-r5 \|\| =3.11.3-r6 \|\| =3.11.3-r7 \|\| =3.11.3-r8 \|\| =3.11.3-r9 \|\| =3.11.4-r0 \|\| =3.11.4-r1 \|\| =3.11.4-r2 \|\| =3.11.4-r3 \|\| =3.11.4-r4 \|\| =3.11.5-r0 \|\| =3.11.6-r0 \|\| =3.11.6-r1 \|\| =3.11.6-r2 \|\| =3.11.7-r0 \|\| =3.11.7-r1 \|\| =3.11.8-r0 \|\| =3.12.2-r0 \|\| =3.12.2-r1 \|\| =3.12.3-r0 \|\| =3.12.3-r1 \|\| =3.12.4-r0 \|\| =3.12.5-r0 \|\| =3.12.5-r1 \|\| =3.12.6-r0 \|\| =3.12.7-r0 \|\| =3.12.7-r1 \|\| =3.12.8-r0 \|\| =3.2.0-r0 \|\| =3.2.3-r0 \|\| =3.3.0-r0 \|\| =3.3.2-r0 \|\| =3.3.3-r0 \|\| =3.3.4-r0 \|\| =3.4.1-r0 \|\| =3.4.2-r0 \|\| =3.4.2-r1 \|\| =3.4.3-r1 \|\| =3.4.3-r2 \|\| =3.5.0-r0 \|\| =3.5.1-r0 \|\| =3.5.1-r1 \|\| =3.5.1-r2 \|\| =3.5.1-r3 \|\| =3.5.2-r0 \|\| =3.5.2-r1 \|\| =3.5.2-r10 \|\| =3.5.2-r2 \|\| =3.5.2-r3 \|\| =3.5.2-r4 \|\| =3.5.2-r5 \|\| =3.5.2-r6 \|\| =3.5.2-r7 \|\| =3.5.2-r8 \|\| =3.5.2-r9 \|\| =3.6.0-r0 \|\| =3.6.1-r0 \|\| =3.6.1-r1 \|\| =3.6.1-r2 \|\| =3.6.1-r3 \|\| =3.6.1-r4 \|\| =3.6.2-r0 \|\| =3.6.2-r1 \|\| =3.6.2-r2 \|\| =3.6.2-r3 \|\| =3.6.3-r3 \|\| =3.6.3-r4 \|\| =3.6.3-r5 \|\| =3.6.3-r6 \|\| =3.6.3-r7 \|\| =3.6.3-r8 \|\| =3.6.3-r9 \|\| =3.6.4-r0 \|\| =3.6.4-r1 \|\| =3.6.6-r0 \|\| =3.6.6-r1 \|\| =3.6.6-r2 \|\| =3.6.6-r3 \|\| =3.6.7-r0 \|\| =3.6.8-r0 \|\| =3.6.8-r1 \|\| =3.6.8-r2 \|\| =3.7.2-r0 \|\| =3.7.3-r0 \|\| =3.7.3-r1 \|\| =3.7.4-r0 \|\| =3.7.5-r0 \|\| =3.7.5-r1 \|\| =3.8.0-r0 \|\| =3.8.1-r0 \|\| =3.8.1-r1 \|\| =3.8.1-r2 \|\| =3.8.1-r3 \|\| =3.8.2-r0 \|\| =3.8.2-r1 \|\| =3.8.2-r2 \|\| =3.8.2-r3 \|\| =3.8.2-r4 \|\| =3.8.2-r5 \|\| =3.8.2-r6 \|\| =3.8.2-r7 \|\| =3.8.3-r0 \|\| =3.8.4-r0 \|\| =3.8.5-r0 \|\| =3.8.5-r1 \|\| =3.8.5-r2 \|\| =3.8.6-r0 \|\| =3.8.7-r0 \|\| =3.8.7-r1 \|\| =3.8.7-r2 \|\| =3.8.7-r3 \|\| =3.8.8-r0 \|\| =3.9.1-r0 \|\| =3.9.2-r0 \|\| =3.9.4-r0 \|\| =3.9.5-r0 \|\| =3.9.5-r1 \|\| =3.9.6-r0 \|\| =3.9.6-r1 \|\| =3.9.6-r2 \|\| =3.9.7-r2 \|\| =3.9.7-r3 \|\| =3.9.7-r4 \|\| >=0 <3.12.8-r1	3.12.8-r1
alpine v3.23	python3	=3.1.3-r0 \|\| =3.10.0-r0 \|\| =3.10.0-r1 \|\| =3.10.1-r0 \|\| =3.10.2-r0 \|\| =3.10.2-r1 \|\| =3.10.3-r0 \|\| =3.10.3-r1 \|\| =3.10.4-r0 \|\| =3.10.5-r0 \|\| =3.10.5-r1 \|\| =3.10.5-r2 \|\| =3.10.6-r0 \|\| =3.10.6-r1 \|\| =3.10.7-r0 \|\| =3.10.8-r0 \|\| =3.10.8-r1 \|\| =3.10.8-r2 \|\| =3.10.8-r3 \|\| =3.11.0-r0 \|\| =3.11.0-r1 \|\| =3.11.0-r2 \|\| =3.11.1-r0 \|\| =3.11.1-r1 \|\| =3.11.1-r2 \|\| =3.11.1-r3 \|\| =3.11.1-r4 \|\| =3.11.2-r0 \|\| =3.11.3-r0 \|\| =3.11.3-r1 \|\| =3.11.3-r10 \|\| =3.11.3-r11 \|\| =3.11.3-r2 \|\| =3.11.3-r3 \|\| =3.11.3-r4 \|\| =3.11.3-r5 \|\| =3.11.3-r6 \|\| =3.11.3-r7 \|\| =3.11.3-r8 \|\| =3.11.3-r9 \|\| =3.11.4-r0 \|\| =3.11.4-r1 \|\| =3.11.4-r2 \|\| =3.11.4-r3 \|\| =3.11.4-r4 \|\| =3.11.5-r0 \|\| =3.11.6-r0 \|\| =3.11.6-r1 \|\| =3.11.6-r2 \|\| =3.11.7-r0 \|\| =3.11.7-r1 \|\| =3.11.8-r0 \|\| =3.12.2-r0 \|\| =3.12.2-r1 \|\| =3.12.3-r0 \|\| =3.12.3-r1 \|\| =3.12.4-r0 \|\| =3.12.5-r0 \|\| =3.12.5-r1 \|\| =3.12.6-r0 \|\| =3.12.7-r0 \|\| =3.12.7-r1 \|\| =3.12.8-r0 \|\| =3.2.0-r0 \|\| =3.2.3-r0 \|\| =3.3.0-r0 \|\| =3.3.2-r0 \|\| =3.3.3-r0 \|\| =3.3.4-r0 \|\| =3.4.1-r0 \|\| =3.4.2-r0 \|\| =3.4.2-r1 \|\| =3.4.3-r1 \|\| =3.4.3-r2 \|\| =3.5.0-r0 \|\| =3.5.1-r0 \|\| =3.5.1-r1 \|\| =3.5.1-r2 \|\| =3.5.1-r3 \|\| =3.5.2-r0 \|\| =3.5.2-r1 \|\| =3.5.2-r10 \|\| =3.5.2-r2 \|\| =3.5.2-r3 \|\| =3.5.2-r4 \|\| =3.5.2-r5 \|\| =3.5.2-r6 \|\| =3.5.2-r7 \|\| =3.5.2-r8 \|\| =3.5.2-r9 \|\| =3.6.0-r0 \|\| =3.6.1-r0 \|\| =3.6.1-r1 \|\| =3.6.1-r2 \|\| =3.6.1-r3 \|\| =3.6.1-r4 \|\| =3.6.2-r0 \|\| =3.6.2-r1 \|\| =3.6.2-r2 \|\| =3.6.2-r3 \|\| =3.6.3-r3 \|\| =3.6.3-r4 \|\| =3.6.3-r5 \|\| =3.6.3-r6 \|\| =3.6.3-r7 \|\| =3.6.3-r8 \|\| =3.6.3-r9 \|\| =3.6.4-r0 \|\| =3.6.4-r1 \|\| =3.6.6-r0 \|\| =3.6.6-r1 \|\| =3.6.6-r2 \|\| =3.6.6-r3 \|\| =3.6.7-r0 \|\| =3.6.8-r0 \|\| =3.6.8-r1 \|\| =3.6.8-r2 \|\| =3.7.2-r0 \|\| =3.7.3-r0 \|\| =3.7.3-r1 \|\| =3.7.4-r0 \|\| =3.7.5-r0 \|\| =3.7.5-r1 \|\| =3.8.0-r0 \|\| =3.8.1-r0 \|\| =3.8.1-r1 \|\| =3.8.1-r2 \|\| =3.8.1-r3 \|\| =3.8.2-r0 \|\| =3.8.2-r1 \|\| =3.8.2-r2 \|\| =3.8.2-r3 \|\| =3.8.2-r4 \|\| =3.8.2-r5 \|\| =3.8.2-r6 \|\| =3.8.2-r7 \|\| =3.8.3-r0 \|\| =3.8.4-r0 \|\| =3.8.5-r0 \|\| =3.8.5-r1 \|\| =3.8.5-r2 \|\| =3.8.6-r0 \|\| =3.8.7-r0 \|\| =3.8.7-r1 \|\| =3.8.7-r2 \|\| =3.8.7-r3 \|\| =3.8.8-r0 \|\| =3.9.1-r0 \|\| =3.9.2-r0 \|\| =3.9.4-r0 \|\| =3.9.5-r0 \|\| =3.9.5-r1 \|\| =3.9.6-r0 \|\| =3.9.6-r1 \|\| =3.9.6-r2 \|\| =3.9.7-r2 \|\| =3.9.7-r3 \|\| =3.9.7-r4 \|\| >=0 <3.12.8-r1	3.12.8-r1
rpm rhel10	python3.12	-	-
rpm rhel9.4	python3.12	<0:3.12.1-4.el9_4.5	0:3.12.1-4.el9_4.5
rpm rhel8	python3.12	<0:3.12.8-1.el8_10	0:3.12.8-1.el8_10
rpm rhel9	python3.12	<0:3.12.5-2.el9_5.2	0:3.12.5-2.el9_5.2

Aliases

1. CVE-2024-122542. NVD-2024-122543. OSV-DEBIAN-2024-122544. OSV-2024-122545. OSV-ALPINE-2024-122546. SECURITY-TRACKER-CVE-2024-122547. SECURITY-CVE-2024-12254