Security vulnerabilities and automated fixes for python security issues
2 posts found
A critical shell injection vulnerability in `scripts/mkmultidtb.py` allowed attackers to execute arbitrary commands during the kernel build process by injecting shell metacharacters into device tree binary (DTB) filenames. The vulnerability was caused by using `os.system()` with string concatenation instead of proper subprocess argument handling. This fix migrates to `subprocess.run()` with argument lists, eliminating the attack surface entirely.
A medium-severity vulnerability was discovered in GitLab's export script where the subprocess module was used without proper security considerations, potentially enabling command injection attacks. This fix demonstrates why choosing the right process execution method is critical for application security, and how a simple module selection can make the difference between secure and vulnerable code.