Bug 24356

Summary:	python-numpy new security issue CVE-2019-6446
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	QA Team <qa-bugs>
Status:	RESOLVED FIXED	QA Contact:	Sec team <security>
Severity:	major
Priority:	Normal	CC:	andrewsfarm, geiger.david68210, sysadmin-bugs, tarazed25, tmb
Version:	7	Keywords:	advisory, validated_update
Target Milestone:	---
Hardware:	All
OS:	Linux
See Also:	https://bugs.mageia.org/show_bug.cgi?id=24028
Whiteboard:	MGA7-64-OK
Source RPM:	python-numpy-1.15.1-2.mga7.src.rpm	CVE:
Status comment:	Patch available from openSUSE
Attachments:	Introduction to matrix handling.

Description David Walser 2019-02-13 12:21:43 CET

SUSE has issued an advisory on February 12:
http://lists.suse.com/pipermail/sle-security-updates/2019-February/005104.html

The SUSE bug contains a link to a proposed fix:
https://bugzilla.suse.com/show_bug.cgi?id=1122208

Mageia 6 is also affected.

David Walser 2019-02-13 12:21:56 CET

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=24028
Whiteboard: (none) => MGA6TOO

Comment 1 David Walser 2019-03-08 21:58:50 CET

openSUSE has issued an advisory for this on February 25:
https://lists.opensuse.org/opensuse-updates/2019-02/msg00134.html

David Walser 2019-03-09 17:31:56 CET

Status comment: (none) => Patch available from openSUSE

David Walser 2019-06-23 19:21:43 CEST

Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO

Comment 2 David Walser 2019-11-07 17:56:48 CET

RedHat has issued an advisory for this on November 5:
https://access.redhat.com/errata/RHSA-2019:3704

Comment 3 David GEIGER 2019-11-08 15:24:19 CET

This was fixed upstream in 1.16.3 release now in Core/Updates_testing repo!

CC: (none) => geiger.david68210

Comment 4 David Walser 2019-11-08 16:19:40 CET

Advisory:
========================

Updated python-numpy packages fix security vulnerability:

An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python
module unsafely, which allows remote attackers to execute arbitrary code via a
crafted serialized object, as demonstrated by a numpy.load call
(CVE-2019-6446).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6446
https://access.redhat.com/errata/RHSA-2019:3704
========================

Updated packages in core/updates_testing:
========================
python2-numpy-1.16.3-1.mga7
python2-numpy-devel-1.16.3-1.mga7
python2-numpy-f2py-1.16.3-1.mga7
python3-numpy-1.16.3-1.mga7
python3-numpy-devel-1.16.3-1.mga7
python3-numpy-f2py-1.16.3-1.mga7

from python-numpy-1.16.3-1.mga7.src.rpm

Assignee: python => qa-bugs
Severity: normal => major
Version: Cauldron => 7
Whiteboard: MGA7TOO, MGA6TOO => (none)

Comment 5 Len Lawrence 2019-11-09 16:36:57 CET

Mageia7, x86_64

CVE-2019-6446
https://github.com/numpy/numpy/issues/12759
This supplies a python script to demonstrate the problem:

import numpy
from numpy import __version__
print( __version__ )
import os
import  pickle
class Test(object):
    def __init__(self):
        self.a = 1

    def __reduce__(self):
        return (os.system,('ls',))
tmpdaa = Test()
with open("a-file.pickle",'wb') as f:
    pickle.dump(tmpdaa,f)
numpy.load('a-file.pickle')

Before updates:
$ python test.py
1.16.2
 a-file.pickle	 list  '#report.24356#'   report.24356	 test.py   tutorial.py

Expected result.

$ rm a-file.pickle
$ python3 test.py
1.16.2
 a-file.pickle	 list  '#report.24356#'   report.24356	 test.py   tutorial.py
<Expected result>
$ rm a-file.pickle

$ urpmi.update -a
Updated the six packages.
$ python test.py
1.16.3
Traceback (most recent call last):
  File "test.py", line 15, in <module>
    numpy.load('a-file.pickle')
  File "/usr/lib64/python2.7/site-packages/numpy/lib/npyio.py", line 451, in load
    raise ValueError("Cannot load file containing pickled data "
ValueError: Cannot load file containing pickled data when allow_pickle=False
<Good result>
$ rm a-file.pickle
$ python3 test.py
1.16.3
Traceback (most recent call last):
  File "test.py", line 15, in <module>
    numpy.load('a-file.pickle')
  File "/usr/lib64/python3.7/site-packages/numpy/lib/npyio.py", line 451, in load
    raise ValueError("Cannot load file containing pickled data "
ValueError: Cannot load file containing pickled data when allow_pickle=False

These PoC tests show that the exploit has been trapped.

The numpy package provides a multidimensional matrix object useful in science and engineering.  See https://numpy.org/devdocs/user/quickstart.html

The following is the output from a very basic set of commands obtained from the quickstart tutorial.  Script attached.

$ python tutorial.py
[[ 0  1  2  3  4]
 [ 5  6  7  8  9]
 [10 11 12 13 14]]
(3, 5)
2
int64
8
15
<type 'numpy.ndarray'>
[6 7 8]
<type 'numpy.ndarray'>
[[1.5 2.  3. ]
 [4.  5.  6. ]]
[[1.+0.j 2.+0.j]
 [3.+0.j 4.+0.j]]
[0 1 2 3]
[20 29 38 47]
[0 1 4 9]
[ 9.12945251 -9.88031624  7.4511316  -2.62374854]

python3 produces exactly the same output.

Giving this the OK for 64-bits.

Whiteboard: (none) => MGA7-64-OK
CC: (none) => tarazed25

Comment 6 Len Lawrence 2019-11-09 16:39:22 CET

Created attachment 11347 [details]
Introduction to matrix handling.

Simply run against python(2) or python3.

Comment 7 Len Lawrence 2019-11-09 16:44:13 CET

Addendum to comment 5.
A word of warning for those like me unfamiliar with python fundamentals; the search path for modules appears to begin at the current directory.  The PoC script was originally named pickle.py, which led to a circular attempt to import itself as a module.  !

Comment 8 Thomas Andrews 2019-11-14 01:46:53 CET

Validating. Advisory in Comment 4.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Thomas Backlund 2019-11-14 16:23:49 CET

CC: (none) => tmb
Keywords: (none) => advisory

Comment 9 Mageia Robot 2019-11-14 18:00:33 CET

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0322.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED