Bugzilla – Full Text Bug Listing

| Summary: | VUL-0: CVE-2023-6597: python,python3,python310,python311,python36,python39: tempfile.TemporaryDirectory fails removing dir in some edge cases related to symlinks | | |
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | | |
| Priority: | P3 - Medium | CC: | andreas.taschner, mcepl, meissner, stoyan.manolov |
| Version: | unspecified | | |
| Target Milestone: | --- | | |
| Hardware: | Other | | |
| OS: | Other | | |
| URL: | https://smash.suse.de/issue/393333/ | | |
| See Also: | https://bugzilla.suse.com/show_bug.cgi?id=1220296 | | |
| Whiteboard: | CVSSv3.1:SUSE:CVE-2023-6597:8.4:(AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | | |
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |

Description

SMASH SMASH, 2024-02-07 09:17:00 UTC

Cannot reproduce with 3.11.8, or 3.12.2.
Can reproduce with 3.8.18, and 3.9.18. On SLE can reproduce with 3.4.10, and 3.6.15.

Reproducer:
```python
#!/usr/bin/python3
import os
import tempfile


def createUnremovableDir(workdir):
    print(workdir)
    os.mkdir('{}/mydir'.format(workdir))
    # Symlink to a root owned file
    os.symlink('/bin/bash', '{}/mydir/mylink'.format(workdir))
    # Read-only directory: unlinking mylink raises PermissionError, which
    # sends TemporaryDirectory's cleanup into its permission-reset path
    os.chmod('{}/mydir'.format(workdir), 0o555)


with tempfile.TemporaryDirectory() as workdir:
    createUnremovableDir(workdir)
```
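As an added example (not part of the bug report and not CPython's own code): a cleanup that resets permissions only on real directories and never chmods through a symlink, placed next to the chmod-through-a-link that the affected handler performed. It rebuilds the reporter's layout against a constructed victim file standing in for /bin/bash, so it runs unprivileged; `reset_perms_nofollow`, `safe_rmtree` and `demo` are names chosen here.

```python
import os
import shutil
import tempfile


def reset_perms_nofollow(path):
    """Owner rwx on path without reaching through a symlink (the idea of the
    upstream fix): follow_symlinks=False where chmod supports it, e.g. macOS;
    otherwise skip symlinks, since Linux has no lchmod. True if chmod ran."""
    if os.chmod in os.supports_follow_symlinks:
        os.chmod(path, 0o700, follow_symlinks=False)
        return True
    if os.path.islink(path):
        return False
    os.chmod(path, 0o700)
    return True


def safe_rmtree(root):
    """Make every real directory under root writable, then remove the tree.
    Directories are found with lstat semantics, so symlinks are unlinked,
    never followed (shutil.rmtree does not follow them either)."""
    def make_writable(path):
        reset_perms_nofollow(path)
        with os.scandir(path) as it:
            for entry in it:
                if entry.is_dir(follow_symlinks=False):
                    make_writable(entry.path)
    if os.path.isdir(root) and not os.path.islink(root):
        make_writable(root)
    shutil.rmtree(root)


def demo():
    """Constructed copy of the reporter's layout; victim.txt stands in for
    /bin/bash. Returns (victim mode after the old handler's chmod through
    the link, victim mode after safe_rmtree, whether the tree is gone)."""
    with tempfile.TemporaryDirectory() as keep:
        victim = os.path.join(keep, "victim.txt")
        open(victim, "w").close()
        os.chmod(victim, 0o644)
        mode = lambda: os.stat(victim).st_mode & 0o777
        work = tempfile.mkdtemp()
        mydir = os.path.join(work, "mydir")
        os.mkdir(mydir)
        link = os.path.join(mydir, "mylink")
        os.symlink(victim, link)
        os.chmod(mydir, 0o555)       # read-only dir, exactly as in the report
        os.chmod(link, 0o700)        # old handler: chmod follows the link...
        naive = mode()               # ...so the victim is now 0o700
        os.chmod(victim, 0o644)      # restore before the hardened run
        safe_rmtree(work)            # resets mydir only, unlinks mylink
        return naive, mode(), not os.path.exists(work)
```

Run as root against a root-owned target, the old behaviour rewrites that file's mode, which is the integrity impact behind the CVSS score above; the hardened cleanup only ever touches `mydir`.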
Comment #2, Marcus Meissner:
can you also check on python2?

(In reply to Marcus Meissner from comment #2)
> can you also check on python2?

Python 2 doesn't have `tempfile.TemporaryDirectory` class at all.

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1153058 Factory / python38
- https://build.opensuse.org/request/show/1153059 Factory / python39
- https://build.opensuse.org/request/show/1153061 Factory / python310

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1153186 Factory / python311

Requests submitted.

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1153616 Factory / python312

SUSE-SU-2024:0782-1: An update that solves three vulnerabilities can now be installed.
Category: security (important)
Bug References: 1196025, 1210638, 1219666
CVE References: CVE-2022-25236, CVE-2023-27043, CVE-2023-6597
Sources used:
- openSUSE Leap 15.4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- openSUSE Leap 15.5 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- Python 3 Module 15-SP5 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): python311-core-3.11.8-150400.9.23.1, python311-3.11.8-150400.9.23.1, python311-documentation-3.11.8-150400.9.23.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2024:0785-1: An update that solves two vulnerabilities can now be installed.
Category: security (important)
Bug References: 1214692, 1219666
CVE References: CVE-2023-40217, CVE-2023-6597
Sources used:
- Web and Scripting Module 12 (src): python3-3.4.10-25.124.1, python3-base-3.4.10-25.124.1
- SUSE Linux Enterprise Software Development Kit 12 SP5 (src): python3-3.4.10-25.124.1, python3-base-3.4.10-25.124.1
- SUSE Linux Enterprise High Performance Computing 12 SP5 (src): python3-3.4.10-25.124.1, python3-base-3.4.10-25.124.1
- SUSE Linux Enterprise Server 12 SP5 (src): python3-3.4.10-25.124.1, python3-base-3.4.10-25.124.1
- SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): python3-3.4.10-25.124.1, python3-base-3.4.10-25.124.1

SUSE-SU-2024:0784-1: An update that solves four vulnerabilities, contains two features and has two security fixes can now be installed.
Category: security (important)
Bug References: 1196025, 1210638, 1212015, 1214692, 1215454, 1219666
CVE References: CVE-2022-25236, CVE-2023-27043, CVE-2023-40217, CVE-2023-6597
Jira References: PED-7886, SLE-21253
Sources used:
- openSUSE Leap 15.3 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1, python39-documentation-3.9.18-150300.4.38.1
- openSUSE Leap 15.5 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1, python39-documentation-3.9.18-150300.4.38.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1
- SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1
- SUSE Enterprise Storage 7.1 (src): python39-3.9.18-150300.4.38.1, python39-core-3.9.18-150300.4.38.1

SUSE-SU-2024:0820-1: An update that solves one vulnerability can now be installed.
Category: security (important)
Bug References: 1219666
CVE References: CVE-2023-6597
Sources used:
- openSUSE Leap 15.4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1, python310-documentation-3.10.13-150400.4.42.1
- openSUSE Leap 15.5 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1, python310-documentation-3.10.13-150400.4.42.1
- SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1
- SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1
- SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): python310-3.10.13-150400.4.42.1, python310-core-3.10.13-150400.4.42.1

SUSE-SU-2024:0850-1: An update that solves one vulnerability can now be installed.
Category: security (important)
Bug References: 1219666
CVE References: CVE-2023-6597
Sources used:
- SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): python3-3.6.15-150000.3.141.1, python3-core-3.6.15-150000.3.141.1
- SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): python3-3.6.15-150000.3.141.1, python3-core-3.6.15-150000.3.141.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): python3-3.6.15-150000.3.141.1, python3-core-3.6.15-150000.3.141.1
- SUSE Linux Enterprise Micro 5.1 (src): python3-3.6.15-150000.3.141.1, python3-core-3.6.15-150000.3.141.1

SUSE-SU-2024:0901-1: An update that solves two vulnerabilities can now be installed.
Category: security (important)
Bug References: 1214691, 1219666
CVE References: CVE-2022-48566, CVE-2023-6597
Sources used:
- openSUSE Leap Micro 5.4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- openSUSE Leap 15.5 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1, python3-documentation-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro for Rancher 5.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro 5.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro for Rancher 5.4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro 5.4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro 5.5 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- Basesystem Module 15-SP5 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- Development Tools Module 15-SP5 (src): python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Manager Proxy 4.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Manager Retail Branch Server 4.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Manager Server 4.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Enterprise Storage 7.1 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro 5.2 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- SUSE Linux Enterprise Micro for Rancher 5.2 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1
- openSUSE Leap 15.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1, python3-documentation-3.6.15-150300.10.57.1
- openSUSE Leap Micro 5.3 (src): python3-3.6.15-150300.10.57.1, python3-core-3.6.15-150300.10.57.1

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1160579 Factory / python310

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1161042 Factory / python39

This is an autogenerated message for OBS integration:
This bug (1219666) was mentioned in
- https://build.opensuse.org/request/show/1161074 Factory / python310

SUSE-SU-2024:1009-1: An update that solves three vulnerabilities and has one security fix can now be installed.
Category: security (important)
Bug References: 1211301, 1219559, 1219666, 1221854
CVE References: CVE-2023-52425, CVE-2023-6597, CVE-2024-0450
Maintenance Incident: [SUSE:Maintenance:33053](https://smelt.suse.de/incident/33053/)
Sources used:
- openSUSE Leap 15.3 (src): python39-3.9.19-150300.4.41.1, python39-documentation-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2
- openSUSE Leap 15.5 (src): python39-3.9.19-150300.4.41.1, python39-documentation-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): python39-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2
- SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): python39-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2
- SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): python39-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2
- SUSE Enterprise Storage 7.1 (src): python39-3.9.19-150300.4.41.1, python39-core-3.9.19-150300.4.41.2

SUSE-SU-2024:1162-1: An update that solves three vulnerabilities and has two security fixes can now be installed.
Category: security (important)
Bug References: 1189495, 1211301, 1219559, 1219666, 1221854
CVE References: CVE-2023-52425, CVE-2023-6597, CVE-2024-0450
Maintenance Incident: [SUSE:Maintenance:33187](https://smelt.suse.de/incident/33187/)
Sources used:
- openSUSE Leap 15.4 (src): python310-documentation-3.10.14-150400.4.45.1, python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- openSUSE Leap 15.5 (src): python310-documentation-3.10.14-150400.4.45.1, python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): python310-3.10.14-150400.4.45.1, python310-core-3.10.14-150400.4.45.1

SUSE-SU-2024:0782-2: An update that solves three vulnerabilities can now be installed.
Category: security (important)
Bug References: 1196025, 1210638, 1219666
CVE References: CVE-2022-25236, CVE-2023-27043, CVE-2023-6597
Maintenance Incident: [SUSE:Maintenance:32834](https://smelt.suse.de/incident/32834/)
Sources used:
- Public Cloud Module 15-SP4 (src): python311-3.11.8-150400.9.23.1, python311-core-3.11.8-150400.9.23.1

SUSE-SU-2024:1556-1: An update that solves three vulnerabilities and has three security fixes can now be installed.
Category: security (important)
Bug References: 1189495, 1211301, 1219559, 1219666, 1221260, 1221854
CVE References: CVE-2023-52425, CVE-2023-6597, CVE-2024-0450
Maintenance Incident: [SUSE:Maintenance:33618](https://smelt.suse.de/incident/33618/)
Sources used:
- openSUSE Leap 15.4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- openSUSE Leap 15.5 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- Public Cloud Module 15-SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1
- Python 3 Module 15-SP5 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1
- SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): python311-3.11.9-150400.9.26.1, python311-core-3.11.9-150400.9.26.1, python311-documentation-3.11.9-150400.9.26.1

SUSE-SU-2024:1847-1: An update that solves four vulnerabilities and has four security fixes can now be installed.
Category: security (important)
Bug References: 1214691, 1219559, 1219666, 1220664, 1221563, 1221854, 1222075, 1222109
CVE References: CVE-2022-48566, CVE-2023-52425, CVE-2023-6597, CVE-2024-0450
Maintenance Incident: [SUSE:Maintenance:33972](https://smelt.suse.de/incident/33972/)
Sources used:
- SUSE Linux Enterprise Software Development Kit 12 SP5 (src): python36-core-3.6.15-55.1
- SUSE Linux Enterprise High Performance Computing 12 SP5 (src): python36-core-3.6.15-55.1, python36-3.6.15-55.1
- SUSE Linux Enterprise Server 12 SP5 (src): python36-core-3.6.15-55.1, python36-3.6.15-55.1
- SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): python36-core-3.6.15-55.1, python36-3.6.15-55.1