Bug 24356 - python-numpy new security issue CVE-2019-6446
Summary: python-numpy new security issue CVE-2019-6446
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2019-02-13 12:21 CET by David Walser
Modified: 2019-11-14 01:46 CET (History)
4 users (show)

See Also:
Source RPM: python-numpy-1.15.1-2.mga7.src.rpm
CVE:
Status comment: Patch available from openSUSE


Attachments
Introduction to matrix handling. (636 bytes, text/plain)
2019-11-09 16:39 CET, Len Lawrence
Details

Description David Walser 2019-02-13 12:21:43 CET
SUSE has issued an advisory on February 12:
http://lists.suse.com/pipermail/sle-security-updates/2019-February/005104.html

The SUSE bug contains a link to a proposed fix:
https://bugzilla.suse.com/show_bug.cgi?id=1122208

Mageia 6 is also affected.
David Walser 2019-02-13 12:21:56 CET

Whiteboard: (none) => MGA6TOO
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=24028

Comment 1 David Walser 2019-03-08 21:58:50 CET
openSUSE has issued an advisory for this on February 25:
https://lists.opensuse.org/opensuse-updates/2019-02/msg00134.html
David Walser 2019-03-09 17:31:56 CET

Status comment: (none) => Patch available from openSUSE

David Walser 2019-06-23 19:21:43 CEST

Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO

Comment 2 David Walser 2019-11-07 17:56:48 CET
RedHat has issued an advisory for this on November 5:
https://access.redhat.com/errata/RHSA-2019:3704
Comment 3 David GEIGER 2019-11-08 15:24:19 CET
This was fixed upstream in 1.16.3 release now in Core/Updates_testing repo!

CC: (none) => geiger.david68210

Comment 4 David Walser 2019-11-08 16:19:40 CET
Advisory:
========================

Updated python-numpy packages fix security vulnerability:

An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python
module unsafely, which allows remote attackers to execute arbitrary code via a
crafted serialized object, as demonstrated by a numpy.load call
(CVE-2019-6446).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6446
https://access.redhat.com/errata/RHSA-2019:3704
========================

Updated packages in core/updates_testing:
========================
python2-numpy-1.16.3-1.mga7
python2-numpy-devel-1.16.3-1.mga7
python2-numpy-f2py-1.16.3-1.mga7
python3-numpy-1.16.3-1.mga7
python3-numpy-devel-1.16.3-1.mga7
python3-numpy-f2py-1.16.3-1.mga7

from python-numpy-1.16.3-1.mga7.src.rpm

Version: Cauldron => 7
Assignee: python => qa-bugs
Severity: normal => major
Whiteboard: MGA7TOO, MGA6TOO => (none)

Comment 5 Len Lawrence 2019-11-09 16:36:57 CET
Mageia7, x86_64

CVE-2019-6446
https://github.com/numpy/numpy/issues/12759
This supplies a python script to demonstrate the problem:

import numpy
from numpy import __version__
print( __version__ )
import os
import  pickle
class Test(object):
    def __init__(self):
        self.a = 1

    def __reduce__(self):
        return (os.system,('ls',))
tmpdaa = Test()
with open("a-file.pickle",'wb') as f:
    pickle.dump(tmpdaa,f)
numpy.load('a-file.pickle')

Before updates:
$ python test.py
1.16.2
 a-file.pickle	 list  '#report.24356#'   report.24356	 test.py   tutorial.py

Expected result.

$ rm a-file.pickle
$ python3 test.py
1.16.2
 a-file.pickle	 list  '#report.24356#'   report.24356	 test.py   tutorial.py
<Expected result>
$ rm a-file.pickle

$ urpmi.update -a
Updated the six packages.
$ python test.py
1.16.3
Traceback (most recent call last):
  File "test.py", line 15, in <module>
    numpy.load('a-file.pickle')
  File "/usr/lib64/python2.7/site-packages/numpy/lib/npyio.py", line 451, in load
    raise ValueError("Cannot load file containing pickled data "
ValueError: Cannot load file containing pickled data when allow_pickle=False
<Good result>
$ rm a-file.pickle
$ python3 test.py
1.16.3
Traceback (most recent call last):
  File "test.py", line 15, in <module>
    numpy.load('a-file.pickle')
  File "/usr/lib64/python3.7/site-packages/numpy/lib/npyio.py", line 451, in load
    raise ValueError("Cannot load file containing pickled data "
ValueError: Cannot load file containing pickled data when allow_pickle=False

These PoC tests show that the exploit has been trapped.

The numpy package provides a multidimensional matrix object useful in science and engineering.  See https://numpy.org/devdocs/user/quickstart.html

The following is the output from a very basic set of commands obtained from the quickstart tutorial.  Script attached.

$ python tutorial.py
[[ 0  1  2  3  4]
 [ 5  6  7  8  9]
 [10 11 12 13 14]]
(3, 5)
2
int64
8
15
<type 'numpy.ndarray'>
[6 7 8]
<type 'numpy.ndarray'>
[[1.5 2.  3. ]
 [4.  5.  6. ]]
[[1.+0.j 2.+0.j]
 [3.+0.j 4.+0.j]]
[0 1 2 3]
[20 29 38 47]
[0 1 4 9]
[ 9.12945251 -9.88031624  7.4511316  -2.62374854]

python3 produces exactly the same output.

Giving this the OK for 64-bits.

CC: (none) => tarazed25
Whiteboard: (none) => MGA7-64-OK

Comment 6 Len Lawrence 2019-11-09 16:39:22 CET
Created attachment 11347 [details]
Introduction to matrix handling.

Simply run against python(2) or python3.
Comment 7 Len Lawrence 2019-11-09 16:44:13 CET
Addendum to comment 5.
A word of warning for those like me unfamiliar with python fundamentals; the search path for modules appears to begin at the current directory.  The PoC script was originally named pickle.py, which led to a circular attempt to import itself as a module.  !
Comment 8 Thomas Andrews 2019-11-14 01:46:53 CET
Validating. Advisory in Comment 4.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update


Note You need to log in before you can comment on or make changes to this bug.