FERRAMENTAS LINUX: Lua in Python: The Sandbox Escape You Need to Patch (CVE-2026-34444)

Thursday, April 9, 2026

Lua in Python: The Sandbox Escape You Need to Patch (CVE-2026-34444)

Patch CVE-2026-34444: Check lupa version, run the fix script, block RCE with iptables, and test in a free lab.

The Setup: You’re running lupa to execute untrusted Lua scripts inside your Python app. You think the attribute_filter has your back.

The Reality: It doesn’t. Attackers can bypass the filter via getattr/setattr and run shell commands on your server.

The Fix: Do not rely solely on the sandbox. You need layers.

This isn't just about python311-lupa on openSUSE Tumbleweed (updated April 2026). It's about every lupa install < v2.8 across Ubuntu, Rocky Linux and SUSE.


How to check if you are vulnerable

Run this command to check your version. If it’s below 2.8, you are exposed.

Ubuntu / Debian:

```bash
pip show lupa | grep Version
# or dpkg -l | grep python3-lupa
```


Rocky Linux / RHEL:

```bash
rpm -qa | grep lupa
pip3 show lupa
```


SUSE Linux Enterprise / openSUSE:

```bash
zypper info python311-lupa
rpm -qi python311-lupa
```

Automation script to apply the fix

Save this as fix_lupa.sh and run it on any major distro.

```bash
#!/bin/bash
# Evergreen fix for CVE-2026-34444 (Lupa Attribute Filter Bypass)

echo "[+] Checking current lupa version..."
pip3 show lupa | grep Version

echo "[+] Upgrading lupa to patched version (>2.7)..."
pip3 install --upgrade 'lupa>=2.8'

# Verify the fix
echo "[+] Verifying..."
python3 -c "import lupa; print(f'Lupa version: {lupa.__version__}')"

# Restart your application (critical!)
echo "[+] Please restart your Python application now."
```

Run it:

```bash
chmod +x fix_lupa.sh
sudo ./fix_lupa.sh
```

Alternative mitigation (if you can't update now)

Can't upgrade? Lock down the Python process at the kernel level.

Option 1: Iptables (Network mitigation)


If the RCE is used to open a reverse shell, block unexpected outbound connections. Note that these two rules drop every new outbound connection from the host, DNS lookups and package updates included, so insert ACCEPT rules for the destinations your application legitimately needs before the final DROP:

```bash
# Allow only established outbound (blocks reverse shells)
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j DROP
```


Option 2: AppArmor (Proactive containment)

Create a profile for your Python app that blocks execution of /bin/bash or /bin/sh.

```bash
# Install apparmor-utils
sudo apt install apparmor-utils

# Put your Python script in complain mode to learn behavior
sudo aa-complain /usr/bin/python3.11

# Then enforce a profile that denies 'exec' on shells
```


Option 3: The "Airgap" method


Run the untrusted Lua code in a separate Docker container with no host volume mounts and read-only root.

```bash
# your_script.py must already be inside the image (COPY it in via a Dockerfile);
# deliberately no -v mounts, no writable root filesystem, no capabilities
docker run --rm --read-only --cap-drop=ALL python:3.11-slim python your_script.py
```

Hands-on Lab: Reproduce this in 10 minutes

Goal: Set up a vulnerable VM and test the attribute filter bypass.

Prerequisites

  • Vagrant + VirtualBox installed.
  • 4GB RAM free.

Step 1: Spin up Ubuntu 22.04

```bash
mkdir lupa-lab && cd lupa-lab
vagrant init ubuntu/jammy64
vagrant up
vagrant ssh
```


Step 2: Install vulnerable version

```bash
sudo apt update
sudo apt install python3-pip -y
pip3 install lupa==2.6
```


Step 3: Write the vulnerable script (test_sandbox.py)

```python
from lupa import LuaRuntime

# This is the "supposed" sandbox filter: a ban-list of attribute names.
# lupa calls it on every attribute access from Lua; it must return the
# attribute name to allow the access, or raise to block it.
def attribute_filter(obj, attr_name, is_setting):
    banned = ["os", "system", "execute"]
    if attr_name in banned:
        raise AttributeError(f"access to {attr_name} is blocked")
    return attr_name

# The filter is handed to the runtime at construction time
lua = LuaRuntime(unpack_returned_tuples=True, attribute_filter=attribute_filter)

# 🚨 ATTEMPT THE BYPASS (CVE-2026-34444)
exploit = '''
local func = getattr(_G, "os")
local exec = getattr(func, "system")
exec("echo 'Sandbox Broken! Your server is mine.'")
'''

lua.execute(exploit)
```


Expected output: Sandbox Broken! Your server is mine. – Congrats, you just simulated the exploit.


Step 4: Apply the fix

```bash
pip3 install --upgrade 'lupa>=2.8'   # quote it, or the shell treats >= as a redirect
python3 test_sandbox.py  # Should now raise an attribute error
```
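The ban-list filter in test_sandbox.py lets through any attribute name it did not think of. As an added example (not code from this post or from the lupa project), here is the deny-by-default alternative: an allowlist of readable attributes per Python type, every setattr and every dunder rejected, wired into LuaRuntime with python.eval and the builtins table switched off so the filter is one layer rather than the only one. ScriptApi, ALLOWED_READS and SandboxViolation are constructed for the example; register_eval and register_builtins are assumed to be LuaRuntime keyword arguments as in lupa 2.x.

```python
from typing import Any

class SandboxViolation(AttributeError):
    """Raised for any access the allowlist does not explicitly permit."""

class ScriptApi:
    """Constructed facade handed to Lua; only 'greet' is allowlisted below."""

    def greet(self, name: str) -> str:
        return f"hello {name}"

    def shell(self, cmd: str) -> str:  # not allowlisted, so unreachable from Lua
        return f"would run {cmd}"

# Constructed allowlist: Python type name -> attribute names Lua may read.
ALLOWED_READS = {"ScriptApi": {"greet"}, "str": {"upper", "lower", "strip"}}

def allowlist_filter(obj: Any, attr_name: Any, is_setting: bool) -> str:
    """lupa attribute_filter callback: return attr_name to permit, raise to block."""
    type_name = type(obj).__name__
    if is_setting:  # Lua never gets to assign attributes on Python objects
        raise SandboxViolation(f"setattr blocked: {type_name}.{attr_name}")
    if not isinstance(attr_name, str) or attr_name.startswith("_"):
        # Non-string names (Lua numbers, tables) and every dunder are blocked.
        raise SandboxViolation(f"attribute blocked: {type_name}.{attr_name!r}")
    if attr_name not in ALLOWED_READS.get(type_name, ()):
        raise SandboxViolation(f"attribute blocked: {type_name}.{attr_name}")
    return attr_name

def is_allowed(obj: Any, attr_name: Any, is_setting: bool) -> bool:
    """True if the filter would let this access through, False if it raises."""
    try:
        allowlist_filter(obj, attr_name, is_setting)
    except SandboxViolation:
        return False
    return True

def make_sandboxed_runtime():
    """Wire the filter into lupa and disable python.eval / python.builtins
    (register_eval and register_builtins are assumed LuaRuntime keyword args).
    Returns None when lupa is not installed so the filter is still testable."""
    try:
        from lupa import LuaRuntime
    except ImportError:
        return None
    return LuaRuntime(attribute_filter=allowlist_filter,
                      register_eval=False, register_builtins=False)
```

Hand Lua the facade with `lua.globals().api = ScriptApi()`: `api.greet("x")` returns normally, while `api.shell("id")`, `api.__class__` or any assignment raises from the filter before Python is touched.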


Conclusion

Sandboxes fail. The lupa CVE-2026-34444 proves it again. You have three jobs:

1. Patch (using the script above).

2. Contain (using AppArmor or Docker).

3. Learn (so you don't repeat mistakes).

Don't wait for the next CVE to hit your production box.
