CVE-2026-10142 - kafka-python frame length parser DoS

kafka-python before 2.3.2 trusts a broker-supplied 4-byte frame length in the network receive path. A malicious broker or machine-in-the-middle can send an oversized or malformed length that drives huge memory allocation attempts or leaves the connection in a broken state, hanging requests and stopping consumer heartbeats until restart.

This is primarily a broker-boundary bug. The highest-risk deployments are clients that talk to shared, third-party, or insufficiently authenticated Kafka brokers, or that do not use transport protections strong enough to prevent broker impersonation.

When to use it

  • A Python service, notebook, worker, or image resolves kafka-python <2.3.2.
  • Kafka clients connect to shared, third-party, test, or weakly authenticated brokers.
  • Consumers, producers, or admin jobs can hang long enough to affect heartbeats, backlogs, tenant workflows, or incident response automation.
  • You need one bounded PR or triage note that upgrades the package and records broker-boundary risk.

Inputs

  • Dependency manifests, lockfiles, container build files, SBOMs, notebooks, and generated dependency reports.
  • Resolved kafka-python versions for every deployable target.
  • Kafka client configuration, broker allow-lists, TLS/SASL settings, and connection lifecycle ownership.
  • Available unit tests, parser/wrapper tests, container build, dependency scan, and SBOM refresh commands.

Affected versions

  • Vulnerable package: kafka-python <2.3.2
  • Fixed package: kafka-python 2.3.2+
  • Affected path: broker response parsing through receive_bytes()
  • Impact: memory exhaustion, stuck clients, hung producer/admin requests, and consumer group instability

Source-freshness note: GitHub Advisory Database currently publishes this as an unreviewed advisory with no package metadata and unknown affected/patched version fields, even though the description, NVD entry, and upstream fix point to kafka-python prior to 2.3.2. Do not rely on Dependabot alone to find exposure; inventory manifests, lockfiles, images, and notebooks directly.

Indicator-of-exposure

  • The repository depends on kafka-python <2.3.2 in application code, worker images, notebooks, scripts, CI tooling, or internal libraries.
  • The deployment talks to Kafka brokers outside a strictly trusted and mutually authenticated network boundary.
  • The runtime uses long-lived consumers, producers, or admin clients where a stuck socket can cause consumer eviction, replay, or job backlog growth.
  • Client health checks do not quickly recycle wedged Kafka connections.

Quick checks:

rg -n "kafka-python|from kafka|import kafka|KafkaConsumer|KafkaProducer|KafkaAdminClient|SASL|SCRAM|bootstrap_servers" .
python -m pip show kafka-python
python -m pip freeze | rg '^kafka-python=='

Windows:

rg -n "kafka-python|from kafka|import kafka|KafkaConsumer|KafkaProducer|KafkaAdminClient|SASL|SCRAM|bootstrap_servers" .
python -m pip show kafka-python
python -m pip freeze | rg '^kafka-python=='

Do not connect to untrusted brokers or replay malformed Kafka frames just to prove exposure.

Remediation strategy

  • Upgrade every controlled kafka-python dependency, lockfile, image, wheel cache, SBOM, and generated dependency report to 2.3.2+, preferably the latest available release.
  • If kafka-python is present, remediate CVE-2026-10143 in the same change set unless there is a documented reason to split the PR; both advisories use the same fixed release.
  • Where the repository owns wrappers or forks, enforce sane maximum frame lengths and fail closed on invalid lengths before attempting allocation.
  • Require TLS plus broker authentication strong enough to prevent rogue broker impersonation or on-path manipulation.
  • Add connection-health handling so consumers and producers fail fast and restart cleanly instead of hanging indefinitely after parser errors.
  • If immediate upgrade is blocked, reduce exposure by restricting outbound broker access to known hosts, tightening network ACLs, and disabling third-party or test brokers in shared environments.

The prompt

Model context: this prompt was generated by GPT 5.5 Extra High reasoning.

You are remediating CVE-2026-10142 / GHSA-m3px-q5gj-j9x7, where `kafka-python`
before 2.3.2 trusts a broker-supplied frame length and can exhaust memory or
hang client connections. Produce exactly one output:

- A reviewer-ready PR/change request that upgrades or patches the affected
  Kafka Python client, hardens broker trust boundaries, adds safe regression
  checks, refreshes generated artifacts, and documents operator cleanup, or
- TRIAGE.md if this repository does not control an affected `kafka-python`
  dependency, wrapper, image, deployment, or containment path.

## Rules

- Scope only CVE-2026-10142 / GHSA-m3px-q5gj-j9x7 and directly related Kafka
  frame-length parsing, broker-authentication, and fail-fast connection logic.
- Treat broker credentials, SASL secrets, TLS keys, message payloads, topic
  names, tenant identifiers, and customer data as sensitive.
- Do not connect to untrusted brokers, capture production traffic, or ship a
  malformed-frame proof of concept.
- Do not weaken Kafka authentication or transport security to simplify testing.
- Do not auto-merge.

## Steps

1. Inventory every controlled `kafka-python` reference in source, requirements
   files, lockfiles, vendored code, Dockerfiles, build images, notebooks,
   scripts, CI jobs, and SBOMs.
2. Determine the resolved `kafka-python` version for every deployable target. A
   target is vulnerable if it resolves to `<2.3.2`.
3. Determine how each target reaches Kafka: broker host allow-lists, TLS,
   certificate validation, SASL, mTLS, VPN/private network assumptions, and
   whether brokers are fully trusted or shared.
4. Identify ownership of connection lifecycle behavior: retries, restarts,
   watchdogs, worker recycling, and consumer lag alarms.
5. If this repository does not control an affected dependency or runtime, stop
   with `TRIAGE.md` listing checked files, observed version if known, runtime
   owner, and required fixed version `2.3.2+`.
6. Upgrade all controlled `kafka-python` references to `2.3.2+`. Refresh
   lockfiles, constraints, image layers, SBOMs, and generated dependency
   reports.
7. For owned forks or wrappers, ensure malformed or oversized broker frame
   lengths are rejected before memory allocation and that parser failures close
   and recycle the connection cleanly.
8. Harden containment where this repo owns it:
   - allow outbound Kafka only to approved brokers;
   - require TLS and broker identity validation;
   - keep test or third-party brokers separate from production credentials;
   - add watchdogs or restarts for wedged Kafka workers if missing.
9. Add safe regression checks:
   - dependency resolution rejects `kafka-python <2.3.2`;
   - parser/unit tests cover invalid or oversized frame lengths without using a
     live broker;
   - client failures surface as controlled exceptions or reconnects instead of
     indefinite hangs;
   - logs and metrics expose no secrets or message contents.
10. Add a PR body section named `CVE-2026-10142 operator actions` that states:
    - `kafka-python` versions before and after;
    - which applications or workers used the package;
    - whether any brokers were outside a strongly trusted boundary;
    - whether worker restarts, credential review, or broker-access tightening
      are required;
    - whether CVE-2026-10143 was remediated in the same PR or tracked
      separately;
    - which validation commands passed.
11. Run available validation: dependency install, lockfile integrity, unit
    tests, Kafka client tests, container build, SBOM refresh, and security
    scans.
12. Use PR title:
    `fix(sec): remediate CVE-2026-10142 in kafka-python`.

## Stop conditions

- No affected `kafka-python` package, fork, wrapper, image, or deployment is
  controlled by this repository.
- The only affected runtime is owned by another team or vendor.
- A fixed version cannot be consumed and the repository cannot safely carry a
  reviewed parser-boundary patch or network containment.
- Verification would require production traffic capture, connecting to
  untrusted brokers, or exposing broker credentials or customer messages.
- Validation fails for unrelated pre-existing reasons; document those failures
  instead of broadening scope.

Verification - what the reviewer looks for

  • No controlled dependency source still resolves kafka-python <2.3.2.
  • Parser or wrapper code fails closed on malformed/oversized frame lengths.
  • Client restarts or reconnect behavior is explicit instead of leaving stuck workers silent.
  • Broker trust boundary controls are documented where the repository owns them.
  • Validation covers the parser path without connecting to untrusted brokers.

Output contract

  • Reviewer-ready PR upgrading all controlled kafka-python references to 2.3.2+, refreshing generated artifacts, and documenting affected runtimes.
  • Safe regression coverage for dependency resolution and parser or wrapper frame-length rejection where this repository owns that code.
  • Operator notes for broker trust boundaries, worker restarts, and whether CVE-2026-10143 was fixed in the same change.
  • TRIAGE.md when the repository does not control the vulnerable dependency, runtime, broker boundary, or safe verification path.

Watch for

  • Updating a requirements file while container images, notebooks, or worker layers still resolve the older wheel.
  • Treating a private network as enough while broker identity is not actually authenticated.
  • Fixes that catch the exception but leave the connection half-open and the consumer stuck.
  • Addressing this CVE while leaving the adjacent SCRAM iteration-count issue (CVE-2026-10143) unresolved in the same package.

References