vulnerability
Oracle Linux: CVE-2019-18874: ELSA-2021-4162: python38:3.8 and python38-devel:3.8 security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Nov 7, 2019 | Nov 17, 2021 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 7, 2019
Added
Nov 17, 2021
Modified
Dec 3, 2025
Description
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.
A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.
Solutions
oracle-linux-upgrade-python38oracle-linux-upgrade-python38-asn1cryptooracle-linux-upgrade-python38-atomicwritesoracle-linux-upgrade-python38-attrsoracle-linux-upgrade-python38-babeloracle-linux-upgrade-python38-cffioracle-linux-upgrade-python38-chardetoracle-linux-upgrade-python38-cryptographyoracle-linux-upgrade-python38-cythonoracle-linux-upgrade-python38-debugoracle-linux-upgrade-python38-develoracle-linux-upgrade-python38-idleoracle-linux-upgrade-python38-idnaoracle-linux-upgrade-python38-jinja2oracle-linux-upgrade-python38-libsoracle-linux-upgrade-python38-lxmloracle-linux-upgrade-python38-markupsafeoracle-linux-upgrade-python38-mod-wsgioracle-linux-upgrade-python38-more-itertoolsoracle-linux-upgrade-python38-numpyoracle-linux-upgrade-python38-numpy-docoracle-linux-upgrade-python38-numpy-f2pyoracle-linux-upgrade-python38-packagingoracle-linux-upgrade-python38-piporacle-linux-upgrade-python38-pip-wheeloracle-linux-upgrade-python38-pluggyoracle-linux-upgrade-python38-plyoracle-linux-upgrade-python38-psutiloracle-linux-upgrade-python38-psycopg2oracle-linux-upgrade-python38-psycopg2-docoracle-linux-upgrade-python38-psycopg2-testsoracle-linux-upgrade-python38-pyoracle-linux-upgrade-python38-pycparseroracle-linux-upgrade-python38-pymysqloracle-linux-upgrade-python38-pyparsingoracle-linux-upgrade-python38-pysocksoracle-linux-upgrade-python38-pytestoracle-linux-upgrade-python38-pytzoracle-linux-upgrade-python38-pyyamloracle-linux-upgrade-python38-requestsoracle-linux-upgrade-python38-rpm-macrosoracle-linux-upgrade-python38-scipyoracle-linux-upgrade-python38-setuptoolsoracle-linux-upgrade-python38-setuptools-wheeloracle-linux-upgrade-python38-sixoracle-linux-upgrade-python38-testoracle-linux-upgrade-python38-tkinteroracle-linux-upgrade-python38-urllib3oracle-linux-upgrade-python38-wcwidthoracle-linux-upgrade-python38-wheeloracle-linux-upgrade-python38-wheel-wheeloracle-linux-upgrade-python3-psutil
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.