{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-5642", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "state": "PUBLISHED", "assignerShortName": "PSF", "dateReserved": "2024-06-04T18:40:21.539Z", "datePublished": "2024-06-27T21:05:31.281Z", "dateUpdated": "2024-07-01T13:51:32.404Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CPython", "repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "versions": [{"lessThan": "3.10.0b1", "status": "affected", "version": "0", "versionType": "python"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "CPython 3.9 and earlier doesn't disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see <span style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\">CVE</span><span style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\">-2024</span><span style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\">-5535</span> for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).<br>"}], "value": "CPython 3.9 and earlier doesn't disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured)."}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2024-07-01T13:51:32.404Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html"}, {"tags": ["mitigation"], "url": "https://github.com/python/cpython/pull/23014"}, {"tags": ["vendor-advisory"], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e"}, {"url": "http://www.openwall.com/lists/oss-security/2024/06/28/4"}, {"tags": ["issue-tracking"], "url": "https://github.com/python/cpython/issues/121227"}], "source": {"discovery": "UNKNOWN"}, "title": "Buffer overread when using an empty list with SSLContext.set_npn_protocols()", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T13:47:34.169947Z", "id": "CVE-2024-5642", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T13:47:48.118Z"}}]}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "CPython 3.9 and earlier doesn't disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured)."}], "id": "CVE-2024-5642", "lastModified": "2024-06-27T22:15:10.757", "metrics": {}, "published": "2024-06-27T21:15:16.070", "references": [{"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/pull/23014"}, {"source": "cna@python.org", "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html"}, {"source": "cna@python.org", "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"}], "sourceIdentifier": "cna@python.org", "vulnStatus": "Received"}

{}