Date: Tue, 23 Sep 2014 19:16:27 +0000
From: mancha <mancha1@...o.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Python 2.7

Hello.

Python 2.7.8 fixes a potential wraparound in buffer() [1a & 1b] with
possible CWE-200 implications.

If not yet assigned, please consider a CVE designation for this issue.

Thanks.

--mancha

(Note: Though the request is for Python 2.7, vulnerable code appears to
exist in EOL'd versions 1.6.1 through 2.6.9 as well)

-------

[1a] Issue report: http://bugs.python.org/issue21831
[1b] Upstream fix: https://hg.python.org/cpython/diff/8d963c7db507/Objects/bufferobject.c

PoC for Python 2.7:

--- overflow.py ---
import sys
a = bytearray('CVE request')
b = buffer(a, sys.maxsize, sys.maxsize)
print b[:8192]
-------------------
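An added illustration, not part of the original post and not CPython's source: a simplified C model of clamping an (offset, size) view against an object of `count` bytes. It shows how a bound check written as a sum wraps with the PoC's values, while the same check in subtraction form does not. The function names, the `ssize` typedef and the model itself are assumptions; all inputs are assumed non-negative.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-in for a signed size type such as Py_ssize_t. */
typedef ptrdiff_t ssize;

/* Sum-form check. Signed overflow is undefined in C, so the wrap is
 * modelled with unsigned arithmetic and converted back (modular on
 * gcc/clang). When offset + size wraps negative, the test passes and
 * the oversized length is returned unclamped. */
static ssize view_size_sum_check(ssize count, ssize offset, ssize size)
{
    if (offset > count)
        offset = count;
    ssize end = (ssize)((size_t)offset + (size_t)size);
    if (end > count)
        size = count - offset;
    return size;
}

/* Subtraction-form check. With 0 <= offset <= count, count - offset is
 * in [0, count] and cannot overflow, so size is always clamped. */
static ssize view_size_sub_check(ssize count, ssize offset, ssize size)
{
    if (offset > count)
        offset = count;
    if (size > count - offset)
        size = count - offset;
    return size;
}

int main(void)
{
    /* Values modelled on the PoC: an 11-byte object ('CVE request'),
     * with offset and size both set to the maximum signed value. */
    ssize count = 11, big = PTRDIFF_MAX;

    printf("sum check: view length = %td\n",
           view_size_sum_check(count, big, big));
    printf("sub check: view length = %td\n",
           view_size_sub_check(count, big, big));
    return 0;
}
```

With the sum-form check the view claims far more bytes than the 11 that exist, so a later slice reads adjacent memory, which is the information-exposure (CWE-200) concern the post raises.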