CVE-2024-9287 - Command Injection in Python venv Activation Scripts – Explained

A new vulnerability, CVE-2024-9287, has been found in the popular CPython venv module. This bug allows command injection attacks through virtual environment activation scripts if you aren’t careful about where and how your environments are created. In this post, we’ll break down what’s happening, how it can affect you, and show example code to help you see it for yourself.

What is CVE-2024-9287?

CVE-2024-9287 is a Command Injection vulnerability in the Python standard library. When you use the venv module (or the python3 -m venv command) to make a new virtual environment, the scripts it creates to “activate” your environment can be compromised if the path on which you created your venv contains attacker-controlled data.

Basically, if someone can make you run source /bad/path/bin/activate, it could run *any* command hidden inside that path. This only happens if you *activate* the venv with the source command—the bug doesn’t impact running Python directly (like ./venv/bin/python app.py).

How Does the Bug Happen?

When Python creates the activation script (activate, activate.bat, etc.), it writes some shell commands that set environment variables and change your prompt. In the vulnerable versions, the directory path to your venv ends up unquoted in those shell commands.

For example, if you create a venv in a folder called

/tmp/myvenv;maliciouscommand

The activation script could include a line like this

VIRTUAL_ENV=/tmp/myvenv;maliciouscommand

When you source this script, your shell runs the stuff after the semicolon as a command — that’s command injection.

Suppose a malicious user runs this

python3 -m venv "/tmp/venv;touch /tmp/pwned"

This creates a virtual environment in a folder named

/tmp/venv;touch /tmp/pwned

If you, a victim, trustingly run

source /tmp/venv;touch /tmp/pwned/bin/activate

(but, due to the way shells parse, the semicolon triggers another command)

Result:
A file /tmp/pwned will be created! That proves the inject worked.

Proof with code

python3 -m venv "/tmp/vuln;echo HACKED > /tmp/injected"
source "/tmp/vuln;echo HACKED > /tmp/injected/bin/activate"
cat /tmp/injected
# File exists with "HACKED"

Why Is This a Problem?

- Social Engineering: If you’re working in a shared space or running someone else's setup script, a malicious venv path could trick you.
- CI/CD Risks: Automation that uses unchecked folder names could be exploited.

Always check the path you’re creating the venv in.

- Upgrade to a patched version of Python once it’s available (Python Security Advisory).

References

- Python Issue Tracker Discussion
- CVE-2024-9287 at cve.org
- CPython venv Documentation

Final Thoughts

CVE-2024-9287 proves that “little things” like quoting variables matter, especially in scripts that get sourced by your shell. Always double-check and sanitize your environment paths, and stay tuned for an official patch!

*Feel free to share this post to keep your fellow Pythonistas safe.*

Timeline

Published on: 10/22/2024 17:15:06 UTC
Last modified on: 02/10/2025 18:47:16 UTC