Closed
Description
Bug report
Originally reported by @aapooksman via the Python Security Response Team mailing list on 2023-08-08. Thanks for the responsible disclosure!
Checklist
- I am confident this is a bug in CPython, not a bug in a third-party project
- I have searched the CPython issue tracker,
and am confident this bug has not been reported before
CPython versions tested on:
3.8, 3.9, 3.10, 3.11, 3.12, CPython main branch
Operating systems tested on:
Linux, macOS
A clear and concise description of the bug:
Instances of ssl.SSLSocket are vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and could lead applications to treat unencrypted data received pre-TLS-handshake that is followed by an immediate connection close as if it were post-handshake TLS encrypted data.
Linked PRs
- gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108315
- [3.12] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108316
- [3.11] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108317
- [3.10] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108318
- [3.9] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108320
- [3.8] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw #108321
- [3.8] gh-108310: Fix TestPreHandshakeClose tests in test_ssl #110718
Metadata
Metadata
Labels
only security fixesonly security fixesonly security fixesonly security fixesonly security fixesonly security fixesbugs and security fixesbugs and security fixesend of lifeend of lifeonly security fixesonly security fixesAn unexpected behavior, bug, or errorAn unexpected behavior, bug, or errorA security issueA security issue