Binary Defense recommends that all Python users update their Python to 3.8.8 or 3.9.2. In order to exploit CVE-2021-3177, an attacker would need to pass a malicious input as a floating-point number that would be evaluated as a command line argument to a Python script and then passed through the repr() function, which is likely if command line arguments are stored in a log file. The other requirements for the argument to be both a valid floating-point number and also machine code that overflows the stack make it very difficult to exploit, but it illustrates an important point that can be applied to all software development security efforts: never trust user input. Any opportunity that a remote user may have to supply any value that is used by a computer program must be treated with extreme care and filtered as early as possible on the server side (not in client code that can be altered by an attacker) to ensure that values are always within expected ranges that make sense in the context of the application.

The Python Software Foundation release notes can be found here: https://blog.python.org/2021/02/python-392-and-388-are-now-available.html

Read more at ZDNet: https://www.zdnet.com/article/python-programming-language-hurries-out-update-to-tackle-remote-code-vulnerability/