CVE-2018-1000030
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2018-1000030 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
Versions of Python 2 included in Red Hat Enterprise Linux 6 and 7 are affected by this issue. Reading concurrently from the same file handle in multiple threads is inherently unstable, and should not be relied upon in any real program. This issue is not planned to be fixed in future releases.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 3.6 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L |
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | None |
| Availability Impact | Low |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Software Collections for Red Hat Enterprise Linux | rh-python35-python | Not affected |
| Red Hat Software Collections for Red Hat Enterprise Linux | python27-python | Will not fix |
| Red Hat Software Collections for Red Hat Enterprise Linux | rh-python34-python | Not affected |
| Red Hat Software Collections for Red Hat Enterprise Linux | rh-python36-python | Not affected |
| Red Hat Enterprise Linux 7 | python | Will not fix |
| Red Hat Enterprise Linux 6 | python | Will not fix |
| Red Hat Enterprise Linux 5 | python | Will not fix |
CVE description copyright © 2017, The MITRE Corporation
