VDB

RHSA-2020%3A4254

RHSA-2020%3A4254 PUBLISHED CVSS 7 HIGH

A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.

Risk Scores

CVSS 3.0
7
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatansible-tower-37/ansible-runner-rhel7@sha256:6f0b354be83503e3ee052383dadd8d2cb4c0b5a4d27bdea3563da591df0d8a5d_amd64 as a component of Red Hat Ansible Tower 3.7 for RHEL 7ansible-tower-37/ansible-runner-rhel7@sha256:6f0b354be83503e3ee052383dadd8d2cb4c0b5a4d27bdea3563da591df0d8a5d_amd64

Timeline

  • Oct 14, 2020 CVE Published
  • Nov 21, 2025 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›