FERRAMENTAS LINUX: Ubuntu 25.04 Security Alert: Critical Python Vulnerability (USN-7583-1) – Patch Now to Prevent File Overwrite Attacks

sexta-feira, 20 de junho de 2025

Ubuntu 25.04 Security Alert: Critical Python Vulnerability (USN-7583-1) – Patch Now to Prevent File Overwrite Attacks

 

Ubuntu



🔒 Urgent Ubuntu Security Patch: A critical Python vulnerability (CVE-2024-12718, CVE-2025-4138) allows file overwrites—update now to prevent data loss. Affects Ubuntu 25.04, 24.10, 24.04 LTS. Learn patching steps & mitigation strategies.


Key Security Risk: Python Extraction Flaw Exposes Systems to Data Loss

critical security vulnerability in Python’s tar archive extraction feature has been discovered, affecting multiple Ubuntu LTS and non-LTS releases, including:

  • Ubuntu 25.04

  • Ubuntu 24.10

  • Ubuntu 24.04 LTS

This flaw (CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517) allows attackers to overwrite arbitrary files on vulnerable systems, leading to potential data corruption, privilege escalation, or system compromise.

Affected Software Packages

  • Python 3.13 (Ubuntu 25.04, 24.10)

  • Python 3.12 (Ubuntu 24.10, 24.04 LTS)

How the Python File Overwrite Exploit Works

The vulnerability stems from improper handling of tar archive extraction with filtering options, enabling malicious actors to:

 Modify critical system files
 Bypass security restrictions
✔ Cause irreversible data loss

Real-World Impact:

  • Attackers could replace configuration files, leading to service disruptions.

  • Malicious archives could overwrite user data, resulting in financial or operational damage.

Patch Instructions: Secure Your Ubuntu System Now

To mitigate this risk, immediately update your Python packages to the following patched versions:

Ubuntu VersionAffected PackageFixed Version
Ubuntu 25.04python3.133.13.3-1ubuntu0.2
Ubuntu 24.10python3.123.12.7-1ubuntu2.2
Ubuntu 24.10python3.133.13.0-1ubuntu0.3
Ubuntu 24.04 LTSpython3.123.12.3-1ubuntu0.7

Update Command:

bash
sudo apt update && sudo apt upgrade -y

Why This Vulnerability Demands Immediate Attention

✅ High Severity (CVSS 8.1+) – Exploitable remotely in some configurations.

✅ Widespread Impact – Affects developers, sysadmins, and enterprise environments.

✅ Data Integrity at Risk – Unauthorized file modifications can lead to compliance violations.

Additional Security Recommendations

  • Audit extraction logs for suspicious activity.

  • Restrict tar file handling in untrusted environments.

  • Monitor file integrity with tools like AIDE or Tripwire.

Official References & CVE Details

🔗 Ubuntu Security Notice (USN-7583-1): https://ubuntu.com/security/notices/USN-7583-1
🔗 CVE Database: CVE-2024-12718CVE-2025-4138

FAQ: Ubuntu Python Security Vulnerability

Q1: Can this exploit be triggered remotely?

A: Yes, if an attacker can deliver a malicious tar file (e.g., via phishing or compromised downloads).

Q2: Are Docker containers affected?

A: Yes, if running vulnerable Python versions—update base images immediately.

Q3: Is there a temporary workaround?

A: Disable tar extraction in untrusted workflows until patched.


Cezar Henrique at
Marcadores: Linux, Android, Segurança , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)