Miggo Logo

CVE-2019-18874: Double Free in psutil

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.30721%
Published
3/12/2020
Updated
10/21/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
psutilpip<= 5.6.55.6.6

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from using Py_DECREF instead of Py_CLEAR in loops that create Python objects. The commit 7d512c8 shows systematic replacement of Py_DECREF with Py_CLEAR across multiple functions in platform-specific C files. These functions handle system data conversion in while/for loops, and the original Py_DECREF usage left variables non-NULL after decrementing refcounts. This created a scenario where subsequent iterations/error handling could trigger double-free conditions if object creation failed after the first iteration. The pattern is consistent across all patched functions, with high confidence from the explicit fix in the security commit.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

psutil (*k* pyt*on-psutil) t*rou** *.*.* **n **v* * *ou*l* *r**. T*is o**urs ****us* o* r***ount mis**n*lin* wit*in * w*il* or *or loop t**t *onv*rts syst*m **t* into * Pyt*on o*j**t.

Reasoning

T** vuln*r**ility st*mm** *rom usin* Py_***R** inst*** o* Py_*L**R in loops t**t *r**t* Pyt*on o*j**ts. T** *ommit ******* s*ows syst*m*ti* r*pl***m*nt o* Py_***R** wit* Py_*L**R **ross multipl* *un*tions in pl*t*orm-sp**i*i* * *il*s. T**s* *un*tions