CVE Number – CVE-2018-1000030
Multiple vulnerabilities in Python could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system.
The vulnerabilities are due to improper memory operations that are performed by the affected software. An attacker could exploit these vulnerabilities by causing a race condition on a targeted system. A successful exploit could allow the attacker to execute arbitrary code or cause a DoS condition on the targeted system.
Python.org has confirmed the vulnerabilities and released software updates.
To exploit these vulnerabilities, the attacker may need access to trusted or internal networks to submit crafted source code to the targeted system. This access requirement could reduce the likelihood of a successful exploit.
Administrators are advised to apply the appropriate updates.
Administrators are advised to restrict system access to trusted users.
Administrators are advised to monitor affected systems.
Python.org has released a bug report at the following link: Issue 31530
Python.org has released software updates at the following link: [PATCH] stop crashes when iterating over a file on multiple threads
Duncan is a technology professional with over 20 years experience of working in various IT roles. He also has a wide range of other skills in radio, electronics and telecommunications.