CVE-2025-71176
📋 TL;DR
This vulnerability in pytest allows local users on UNIX systems to cause denial of service or potentially escalate privileges by exploiting predictable temporary directory names. It affects pytest installations where users can create directories in /tmp. The risk is limited to systems with multiple local users or shared environments.
💻 Affected Systems
- pytest
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation allowing an attacker to execute arbitrary code with the privileges of another user running pytest tests.
Likely Case
Denial of service by interfering with pytest's temporary directory structure, causing test failures or system instability.
If Mitigated
Minimal impact if proper file permissions restrict /tmp directory access or if pytest runs in isolated environments.
🎯 Exploit Status
Exploitation requires local user access and knowledge of other users' pytest sessions. The vulnerability is well-documented in public disclosures.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: pytest 9.0.3 and later
Vendor Advisory: https://github.com/pytest-dev/pytest/issues/13669
Restart Required: No
Instructions:
1. Upgrade pytest using pip: 'pip install --upgrade "pytest>=9.0.3"' (quote the requirement so the shell does not treat >= as a redirection)
2. Verify the upgrade with 'pytest --version'
3. No restart is required, as this is a Python package update.
🔧 Temporary Workarounds
Set custom pytest temporary directory
Linux: Override the default temporary directory location (/tmp/pytest-of-<user>) with a secure, user-specific path. PYTEST_DEBUG_TEMPROOT changes the root pytest uses; --basetemp sets the base directory for a single run.
export PYTEST_DEBUG_TEMPROOT=/secure/user/specific/path
pytest --basetemp=/secure/user/specific/path
Restrict /tmp directory permissions
Linux: Ensure /tmp has its standard sticky-bit permissions (1777) and is owned by root, so that users cannot remove or rename directories created by other users
chmod 1777 /tmp
chown root:root /tmp
🧯 If You Can't Patch
- Run pytest in isolated containers or virtual environments with restricted filesystem access
- Implement strict user separation and ensure pytest runs with minimal privileges
🔍 How to Verify
Check if Vulnerable:
Check the pytest version with 'pytest --version' and verify whether it is 9.0.2 or earlier on a UNIX system.
Check Version:
pytest --version
Verify Fix Applied:
After upgrading, confirm version is 9.0.3 or later with 'pytest --version' and test that temporary directories use secure naming.
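As an added verification helper (not part of pytest or of this advisory), the following script checks both points above: the reported pytest version against the 9.0.3 fix threshold, and that the per-user temp root (/tmp/pytest-of-<user> by default, or under PYTEST_DEBUG_TEMPROOT) is a real directory owned by the current user and not writable by others. Function names are my own assumptions.

```python
import getpass
import os
import re
import stat
import subprocess
import tempfile

FIXED_VERSION = (9, 0, 3)  # first fixed release named in the advisory


def parse_version(text):
    """Extract (major, minor, patch) from output such as 'pytest 9.0.2'."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) if p else 0 for p in m.groups())


def is_vulnerable_version(text):  # 9.0.2 or earlier per the advisory
    return parse_version(text) < FIXED_VERSION


def installed_version():  # older pytest prints to stderr, newer to stdout
    out = subprocess.run(["pytest", "--version"], capture_output=True, text=True, check=True)
    return (out.stdout or out.stderr).strip()


def default_temproot():
    """Per-user root pytest uses: <PYTEST_DEBUG_TEMPROOT or system tmp>/pytest-of-<user>."""
    base = os.environ.get("PYTEST_DEBUG_TEMPROOT") or tempfile.gettempdir()
    return os.path.join(base, f"pytest-of-{getpass.getuser()}")


def temproot_problems(path):
    """Problems with the temp root (empty list == safe): it must be a real directory,
    owned by the current user and not writable by group or others."""
    try:
        st = os.lstat(path)  # lstat so a symlink planted at this path is reported
    except FileNotFoundError:
        return ["does not exist"]
    problems = []
    if stat.S_ISLNK(st.st_mode):
        problems.append("is a symlink")
    elif not stat.S_ISDIR(st.st_mode):
        problems.append("is not a directory")
    if st.st_uid != os.getuid():
        problems.append(f"owned by uid {st.st_uid}, not the current user")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    return problems


if __name__ == "__main__":
    ver, root = installed_version(), default_temproot()
    print(ver, "-> VULNERABLE" if is_vulnerable_version(ver) else "-> fixed")
    print(root, "->", ", ".join(temproot_problems(root)) or "OK")
```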
📡 Detection & Monitoring
Log Indicators:
- Failed pytest test runs due to temporary directory conflicts
- Directory creation by other users under /tmp/pytest-of-* paths
Network Indicators:
- None - this is a local filesystem vulnerability
SIEM Query:
search 'pytest' AND ('/tmp/pytest-of' OR 'temporary directory') in system logs for access violations