CVE-2024-3219

NameCVE-2024-3219
DescriptionThe \u201csocket\u201d module provides a pure-Python fallback to the ...
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
python2.7 (PTS)bullseye2.7.18-8+deb11u1fixed
python3.11 (PTS)bookworm3.11.2-6+deb12u5fixed
bookworm (security)3.11.2-6+deb12u3fixed
python3.12 (PTS)sid, trixie3.12.9-1fixed
python3.13 (PTS)sid, trixie3.13.2-1fixed
python3.9 (PTS)bullseye3.9.2-1fixed
bullseye (security)3.9.2-1+deb11u2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
python2.7source(unstable)(not affected)
python3.11source(unstable)(not affected)
python3.12source(unstable)(not affected)
python3.13source(unstable)(not affected)
python3.9source(unstable)(not affected)

Notes

- python3.13 <not-affected> (Windows-specific)
- python3.12 <not-affected> (Windows-specific)
- python3.11 <not-affected> (Windows-specific)
- python3.9 <not-affected> (Windows-specific)
- python2.7 <not-affected> (Vulnerable code not present)
https://github.com/python/cpython/pull/122134
https://github.com/python/cpython/issues/122133
https://www.openwall.com/lists/oss-security/2024/07/29/3
3.9-branch: https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20
3.10-branch: https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2
3.11-branch: https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929
3.12-branch: https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c
3.13-branch: https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54
Only affects plattforms which do not support AF_UNIX.
Search for package or bug name: Reporting problems