Fluid Attacks Database

Description

PyOpenSSL Use-After-Free vulnerability It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This attack appears to be exploitable via Depends on the calling application and if it retains a reference to the memory. This vulnerability appears to have been fixed in 17.5.0.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.7	py-openssl	=0.13-r0 \|\| =0.14-r0 \|\| =0.15.1-r0 \|\| =16.0.0-r0 \|\| =16.0.0-r1 \|\| =16.0.0-r2 \|\| =16.1.0-r0 \|\| =16.1.0-r1 \|\| =17.0.0-r0 \|\| =17.1.0-r0 \|\| =17.2.0-r0 \|\| >=0 <17.5.0-r0	17.5.0-r0
alpine v3.8	py-openssl	=0.13-r0 \|\| =0.14-r0 \|\| =0.15.1-r0 \|\| =16.0.0-r0 \|\| =16.0.0-r1 \|\| =16.0.0-r2 \|\| =16.1.0-r0 \|\| =16.1.0-r1 \|\| =17.0.0-r0 \|\| =17.1.0-r0 \|\| =17.2.0-r0 \|\| >=0 <17.5.0-r0	17.5.0-r0
debian 11	pyopenssl	>=0 <17.5.0-1	17.5.0-1
debian 14	pyopenssl	>=0 <17.5.0-1	17.5.0-1
debian 13	pyopenssl	>=0 <17.5.0-1	17.5.0-1
alpine v3.6	py-openssl	=0.13-r0 \|\| =0.14-r0 \|\| =0.15.1-r0 \|\| =16.0.0-r0 \|\| =16.0.0-r1 \|\| =16.0.0-r2 \|\| =16.1.0-r0 \|\| =16.1.0-r1 \|\| =17.0.0-r0 \|\| >=0 <17.5.0-r0	17.5.0-r0
pypi	pyopenssl	>=0 <17.5.0	17.5.0
debian 12	pyopenssl	>=0 <17.5.0-1	17.5.0-1

Aliases

1. CVE-2018-10008072. NVD-2018-10008073. OSV-ALPINE-2018-10008074. OSV-2018-10008075. OSV-DEBIAN-2018-10008076. GCVE-2018-10008077. SECURITY-CVE-2018-10008078. SECURITY-TRACKER-CVE-2018-10008079. access.redhat.com

References

1. https://github.com/pyca/pyopenssl/pull/7232. https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c35093. https://github.com/pypa/advisory-database/tree/main/vulns/pyopenssl/PYSEC-2018-23.yaml4. https://usn.ubuntu.com/3813-15. http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html