CVE-2024-4032

Publication date 17 June 2024

Last updated 1 August 2024


Ubuntu priority

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.

Why is this CVE low priority?

This is a low severity issue that only mis-classes certain ip addresses

Learn more about Ubuntu priority

Status

Package Ubuntu Release Status
python2.7 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected
python3.10 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 3.10.12-1~22.04.5
20.04 LTS focal Not in release
python3.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Ignored end of life, was needs-triage
22.04 LTS jammy
Needs evaluation
20.04 LTS focal Not in release
python3.12 24.10 oracular
Not affected
24.04 LTS noble
Fixed 3.12.3-1ubuntu0.1
23.10 mantic Ignored end of life, was needs-triage
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
python3.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
14.04 LTS trusty Ignored end of ESM support, was needs-triage
python3.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty Ignored end of ESM support, was needs-triage
python3.6 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic
Needs evaluation
python3.7 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic
Needs evaluation
python3.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 3.8.10-0ubuntu1~20.04.11
18.04 LTS bionic
Needs evaluation
python3.9 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Needs evaluation

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
python3.10
python3.11
python3.12
python3.8
python3.9