CVE-2026-4224 Overview
CVE-2026-4224 is a stack overflow vulnerability in Python's Expat XML parser that occurs when processing deeply nested XML content models. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition (DTD) containing a deeply nested content model, unbounded C recursion in the conv_content_model function leads to a C stack overflow, causing the application to crash.
This vulnerability is classified under CWE-674 (Uncontrolled Recursion), which describes scenarios where excessive recursive calls consume stack memory without proper depth limits, ultimately leading to denial of service conditions.
Critical Impact
Applications using Python's xml.parsers.expat module with ElementDeclHandler registered are vulnerable to denial of service attacks through crafted XML documents containing deeply nested DTD content models.
Affected Products
- Python CPython (versions using vulnerable pyexpat module)
- Applications using xml.parsers.expat with ElementDeclHandler
- Systems parsing untrusted XML with Python's Expat bindings
Discovery Timeline
- 2026-03-16 - CVE-2026-4224 published to NVD
- 2026-03-17 - Last updated in NVD database
Technical Details for CVE-2026-4224
Vulnerability Analysis
The vulnerability resides in Python's pyexpat.c module, specifically within the conv_content_model function. This function recursively processes XML content model definitions found in document type declarations. When parsing a maliciously crafted XML document containing an extremely deep nesting of content model elements, the recursive function calls exhaust the C stack before any safeguards can intervene.
The attack is network-accessible, meaning remote attackers can trigger the vulnerability by sending specially crafted XML data to vulnerable applications. While the attack requires some level of privilege (authentication may be needed depending on the application), no user interaction is required for exploitation. The primary impact is availability—successful exploitation causes a complete crash of the Python interpreter or application process.
Root Cause
The root cause is unbounded C recursion in the conv_content_model function within Modules/pyexpat.c. The function lacked proper recursion depth checking, allowing an attacker-controlled XML structure to dictate how deep the call stack grows. Without explicit limits or iterative processing, deeply nested content models directly translate to equally deep recursive calls, exhausting available stack space.
Attack Vector
An attacker can exploit this vulnerability by:
- Crafting an XML document with an inline DTD containing a deeply nested content model
- Sending this document to a Python application that uses xml.parsers.expat with an ElementDeclHandler registered
- When the parser processes the deeply nested content model, conv_content_model recurses without bound
- The C stack overflows, crashing the Python process and causing denial of service
The following excerpt from the fix commit shows the header that was added for the recursion depth check:
#endif
#include "Python.h"
+#include "pycore_ceval.h" // _Py_EnterRecursiveCall()
#include "pycore_import.h" // _PyImport_SetModule()
#include "pycore_pyhash.h" // _Py_HashSecret
#include "pycore_traceback.h" // _PyTraceback_Add()
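Review bot: this hunk only adds the pycore_ceval.h include; the depth check itself, the _Py_EnterRecursiveCall() call in conv_content_model and its matching _Py_LeaveRecursiveCall(), is not in the excerpt, so the claim that the patch "adds recursion depth checking" cannot be verified from the lines shown. Quote the hunk that wraps the recursive call as well, so readers can see where the recursion is bounded and how the failure is propagated to the caller.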
Source: GitHub Commit Fix
The patch introduces the _Py_EnterRecursiveCall() mechanism from Python's core evaluation module to properly track and limit recursion depth, preventing uncontrolled stack growth.
Detection Methods for CVE-2026-4224
Indicators of Compromise
- Application crashes with stack overflow or segmentation fault when processing XML
- Python interpreter crashes during XML parsing operations
- Unusual XML documents with extremely deep DTD content model nesting in logs
- Repeated denial of service incidents affecting XML processing components
Detection Strategies
- Monitor for Python process crashes associated with XML parsing modules
- Implement logging around xml.parsers.expat parser initialization with ElementDeclHandler
- Analyze incoming XML traffic for anomalously deep DTD content model structures
- Deploy application-level monitoring for unexpected parser terminations
Monitoring Recommendations
- Enable crash reporting and stack trace collection for Python applications
- Monitor system logs for segmentation faults in Python processes handling XML
- Implement rate limiting on XML submission endpoints
- Track resource consumption patterns during XML processing operations
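As an added example for the detection and monitoring points above (it is not from the advisory or from CPython), the following script scans system log lines for segmentation faults in Python processes, which is the crash signature a C stack overflow in the parser leaves behind, and flags the repeated-crash pattern listed under indicators of compromise. The log lines, hostnames, PIDs and addresses are constructed, and the repeat threshold is an assumed policy value.

```python
"""Added example: detect segfaulting Python processes in constructed syslog/journal lines."""
import re
from collections import Counter

# Constructed sample lines in the shape of kernel segfault reports as relayed by
# syslog; the hostname, PIDs, addresses and library version are made up.
SAMPLE_LOG = """\
Mar 16 10:01:02 app01 kernel: python3[4123]: segfault at 7ffd1c3fefe8 ip 00007f2a3b1c44e0 sp 00007ffd1c3fefd0 error 6 in libpython3.13.so.1.0[7f2a3b0a0000+2d0000]
Mar 16 10:01:09 app01 kernel: python3[4130]: segfault at 7ffc9a7fdfe8 ip 00007f2a3b1c44e0 sp 00007ffc9a7fdfd0 error 6 in libpython3.13.so.1.0[7f2a3b0a0000+2d0000]
Mar 16 10:02:15 app01 kernel: nginx[2201]: segfault at 0 ip 000055d1a2b3c4d5 sp 00007ffe0b1c2d30 error 4 in nginx[55d1a2a00000+150000]
Mar 16 10:03:40 app01 gunicorn[4000]: [WARNING] Worker with pid 4130 was terminated due to signal 11
"""

# Kernel "segfault at" report: command name, PID, fault address and the mapped
# object the faulting instruction lives in.
SEGFAULT_RE = re.compile(
    r"(?P<comm>[\w.\-]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) .*?"
    r"\bin (?P<obj>[^\[\s]+)\["
)
# Command names that identify a CPython interpreter process.
PYTHON_COMM_RE = re.compile(r"^python(\d+(\.\d+)?)?$")


def python_segfaults(log_text: str) -> list[dict]:
    """Return one record per segfault whose process is a Python interpreter."""
    hits = []
    for line in log_text.splitlines():
        m = SEGFAULT_RE.search(line)
        if m is None:
            continue
        if not PYTHON_COMM_RE.match(m.group("comm")):
            continue  # crash in some other daemon; not this advisory's signature
        obj = m.group("obj")
        hits.append({
            "pid": int(m.group("pid")),
            "object": obj,
            # A fault inside libpython itself is consistent with a C-level
            # stack overflow in an extension module such as pyexpat.
            "in_libpython": obj.startswith("libpython"),
        })
    return hits


def repeat_alert(hits: list[dict], threshold: int = 2) -> dict:
    """Flag faulting objects that recur at least `threshold` times (assumed
    policy value), the 'repeated denial of service' pattern from the IoC list."""
    counts = Counter(h["object"] for h in hits)
    return {obj: n for obj, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    found = python_segfaults(SAMPLE_LOG)
    for h in found:
        print(f"python segfault pid={h['pid']} in {h['object']}")
    print("repeat alert:", repeat_alert(found))
```

Feed it `journalctl -k` or the syslog file your hosts use; correlating the PIDs with application-server worker logs (the gunicorn line above shows the shape) tells you which request handler was parsing XML when the process died.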
How to Mitigate CVE-2026-4224
Immediate Actions Required
- Update Python to a patched version that includes the recursion depth fix
- Review applications using xml.parsers.expat with ElementDeclHandler for exposure
- Consider disabling ElementDeclHandler if DTD content model parsing is not required
- Implement input validation to reject XML with excessively complex DTDs
Patch Information
Python has released security patches addressing this vulnerability across multiple branches. The fix adds proper recursion depth checking using _Py_EnterRecursiveCall() in the conv_content_model function. Patches are available for Python 3.13, 3.14, and the main development branch.
Additional details are available in the Python Security Announcement and the GitHub Issue Discussion.
Workarounds
- Avoid using ElementDeclHandler when parsing untrusted XML content
- Pre-process XML to reject documents with inline DTDs before Expat parsing
- Implement XML schema validation that limits DTD complexity
- Use alternative XML parsing libraries that have built-in recursion limits
# Show the installed Python version so it can be compared against the patched release
python3 --version
# Update Python to patched version
# For systems using package managers:
sudo apt update && sudo apt upgrade python3
# Or using pyenv:
pyenv install 3.13.x # Replace with patched version
pyenv global 3.13.x
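As an added example for the workarounds above (rejecting inline DTDs or over-deep content models before Expat sees them, and parsing without an ElementDeclHandler) and for the detection strategy of screening incoming XML for anomalously deep DTD nesting, the following pre-filter is not from the advisory or from CPython. It measures parenthesis nesting in every <!ELEMENT ...> content model of the internal subset with a regular expression, which is a heuristic rather than a full DTD parser. The depth limit MAX_CONTENT_MODEL_DEPTH and the sample documents are constructed assumptions.

```python
"""Added example: screen XML for inline DTD content-model depth before parsing with Expat."""
import re
import xml.parsers.expat

MAX_CONTENT_MODEL_DEPTH = 32  # assumed policy value, not taken from the advisory

# <!DOCTYPE ... [  marks the start of an internal subset (inline DTD).
_DOCTYPE_RE = re.compile(r"<!DOCTYPE\b[^\[>]*\[", re.IGNORECASE)
# Captures the content model of each element declaration; models contain no '>'.
_ELEMENT_DECL_RE = re.compile(r"<!ELEMENT\s+\S+\s+(.*?)>", re.DOTALL)


def has_internal_subset(xml_text: str) -> bool:
    """True if the document carries an inline DTD."""
    return _DOCTYPE_RE.search(xml_text) is not None


def max_content_model_depth(xml_text: str) -> int:
    """Deepest parenthesis nesting over all <!ELEMENT ...> content models."""
    deepest = 0
    for m in _ELEMENT_DECL_RE.finditer(xml_text):
        depth = 0
        for ch in m.group(1):
            if ch == "(":
                depth += 1
                deepest = max(deepest, depth)
            elif ch == ")":
                depth = max(depth - 1, 0)  # tolerate unbalanced input
    return deepest


def check_xml(xml_text: str, allow_inline_dtd: bool = True) -> str:
    """Return 'ok' or a short rejection reason; never invokes Expat."""
    if not has_internal_subset(xml_text):
        return "ok"
    if not allow_inline_dtd:
        return "rejected: inline DTD not permitted"
    depth = max_content_model_depth(xml_text)
    if depth > MAX_CONTENT_MODEL_DEPTH:
        return f"rejected: content model depth {depth} exceeds {MAX_CONTENT_MODEL_DEPTH}"
    return "ok"


def parse_safely(xml_text: str) -> list[str]:
    """Screen first, then parse with Expat without registering an
    ElementDeclHandler, so conv_content_model is never reached.
    Returns the element names encountered."""
    verdict = check_xml(xml_text)
    if verdict != "ok":
        raise ValueError(verdict)
    seen: list[str] = []
    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = lambda name, attrs: seen.append(name)
    parser.Parse(xml_text, True)
    return seen


# Constructed samples: a small inline DTD and one whose content model nests
# 40 groups deep, just over the assumed policy limit.
SAMPLE_OK = "<!DOCTYPE r [<!ELEMENT r ((a))><!ELEMENT a (#PCDATA)>]><r><a/></r>"
SAMPLE_TOO_DEEP = (
    "<!DOCTYPE r [<!ELEMENT r " + "(" * 40 + "a" + ")" * 40 + ">"
    "<!ELEMENT a (#PCDATA)>]><r><a/></r>"
)

if __name__ == "__main__":
    print(check_xml(SAMPLE_OK), parse_safely(SAMPLE_OK))
    print(check_xml(SAMPLE_TOO_DEEP))
    print(check_xml(SAMPLE_OK, allow_inline_dtd=False))
```

Set allow_inline_dtd=False on endpoints that never need a DTD; where one is required, keep the depth check and leave ElementDeclHandler unregistered, since the vulnerable conversion runs only when that handler is set.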
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

