-
-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE-2020-10796] Python multiprocessing Remote Code Execution vulnerability #84220
Comments
description: |
Thanks for the report. Is this a case of the warning below? https://docs.python.org/3.8/library/multiprocessing.html#multiprocessing.connection.Connection.recv
|
I am not sure if this was done but CPython has a page on reporting security issues that you can use for future reports so that they can be triaged before being public. |
Thank you for your reply, this report is indeed the situation prompted by the warning. There will be few problems in the single-machine deployment mode. Of course, it is also possible to take advantage of the possibility of elevation of privilege. In the distributed deployment mode, the client script is leaked. The resulting authkey leak will also cause RCE problems. I have an idea. If ManagerBase can allow users to customize the serialization operation, it may be greatly relieved. Your suggestion is that I need to submit this to security@python.org Report it? |
Lib/multiprocessing/connection.py uses a challenge to authenticate the client. How do you connect to the server? Yes, it's known that pickle is not safe, there is a big red warning at the top of the doc: But please elaborate your attack scenario. How do you execute arbitrary code on a server? How do you inject code? |
Oh, I missed that the PDF contains a link to a PoC: I attach a copy to this issue: server.py and poc.py. |
In which situation the authkey can be empty? Lib/mulitprocessing/process.py creates an authkey of 256 bits of entropy using: It's used by default if I understand correctly. I understand that the authkey can only be empty if the developer explicitly pass an empty string to authkey when the manager is created. Am I right? -- About leaking the authkey: I don't know how the authkey is transfered to the child processes. Through a pipe controlled by the parent process? --
I read somewhere that multiprocessing is now supposed to accept other serialization protocol than pickle, but I failed to find the documentation :-( pickle remains the default. |
Thank you for your reply. Yes, under normal circumstances, keys are generally not leaked. I may have only considered the following attacks at the time:
Of course, after thinking about it carefully, I found that the above problem is just a conjecture, so now I have decided to give up reporting it as CVE, unless I find such a situation. |
Thanks for reporting this. In future, security issues should be reported *first* through https://www.python.org/dev/security/ *Do not* request a CVE number until we've reviewed it. It causes unnecessary stress for our users who actually pay attention to those disclosures. CVEs are a tool for *us* to communicate with our users, not for researchers to communicate with us (just send us an email :) ). Since you appear to have a number assigned, I've requested that MITRE retract it. Though it seems you may have done the same already. Looking forward to meeting you soon on the security mailing list! |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: