
Ubuntu 24.10 & 24.04 LTS: USN-7219-1 moderate: python3.12 DoS risk

Python could be made to consume resources if it received specially crafted network traffic.
==========================================================================
Ubuntu Security Notice USN-7219-1
January 20, 2025

python3.12 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS

Summary:

Python could be made to consume resources if it received specially crafted
network traffic.

Software Description:
- python3.12: An interactive high-level object-oriented language

Details:

It was discovered that Python incorrectly handled asyncio write buffers. A
remote attacker could possibly use this issue to cause Python to consume
memory, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   python3.12                      3.12.7-1ubuntu1.1
   python3.12-minimal              3.12.7-1ubuntu1.1

Ubuntu 24.04 LTS
   python3.12                      3.12.3-1ubuntu0.4
   python3.12-minimal              3.12.3-1ubuntu0.4

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-7219-1
   CVE-2024-12254

Package Information:
   https://launchpad.net/ubuntu/+source/python3.12/3.12.7-1ubuntu1.1
   https://launchpad.net/ubuntu/+source/python3.12/3.12.3-1ubuntu0.4
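
To confirm a host is at or above the versions listed under "Update instructions", the following added example (not part of the Ubuntu notice) compares installed `python3.12` packages against them using Debian version ordering. The function names and the `dpkg-query` call in the `__main__` block are this example's own choices.

```python
import re
import subprocess

# Fixed versions listed in USN-7219-1, keyed by Ubuntu VERSION_ID.
FIXED = {"24.10": "3.12.7-1ubuntu1.1", "24.04": "3.12.3-1ubuntu0.4"}
PACKAGES = ("python3.12", "python3.12-minimal")
VERSION_RE = re.compile(r"(?:(\d+):)?(.+?)(?:-([^-]*))?")  # epoch:upstream-revision

def _order(ch):
    # Debian ordering: '~' sorts before end-of-string (0); letters before other symbols.
    return -1 if ch == "~" else ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    # Compare alternating non-digit and digit runs, the way dpkg orders versions.
    while a or b:
        (na, da), (nb, db) = (re.match(r"(\D*)(\d*)", s).groups() for s in (a, b))
        a, b = a[len(na) + len(da):], b[len(nb) + len(db):]
        pad = max(len(na), len(nb))
        ka = ([_order(c) for c in na] + [0] * (pad - len(na)), int(da or 0))
        kb = ([_order(c) for c in nb] + [0] * (pad - len(nb)), int(db or 0))
        if ka != kb:
            return -1 if ka < kb else 1
    return 0

def _split(version):
    epoch, upstream, revision = VERSION_RE.fullmatch(version).groups()
    return int(epoch or 0), upstream, revision or ""

def deb_compare(a, b):
    """Return -1, 0 or 1 following Debian version ordering."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_patched(release, installed):
    """True/False against the USN-7219-1 fix; None if the notice does not list `release`."""
    fixed = FIXED.get(release)
    return None if fixed is None else deb_compare(installed, fixed) >= 0

if __name__ == "__main__":
    with open("/etc/os-release") as fh:
        release = re.search(r'VERSION_ID="?([\d.]+)', fh.read()).group(1)
    for pkg in PACKAGES:
        cmd = ["dpkg-query", "-W", "--showformat=${Version}", pkg]
        installed = subprocess.run(cmd, capture_output=True, text=True).stdout.strip()
        print(pkg, installed or "not installed", is_patched(release, installed) if installed else "-")
```

A long-running asyncio service keeps the old interpreter loaded until it is restarted, so a passing package check does not by itself mean running processes use the fixed build.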
