Date: Fri, 10 Jun 2016 17:02:58 -0400
From: Insu Yun <>
To:, Yeongjin Jang <>
Subject: CVE-Request: heap overflow in Python

In the zipimport module,
if compress != 0, then bytes_size = data_size + 1.
data_size is not sanitized, so if data_size = -1,
then it overflows and becomes 0.
In that case bytes_size becomes 1 and Python allocates a small heap,
but after that, in fread, it overflows the heap.

Fix info

Please help assign a CVE to this vulnerability.

Thank you.

Insu Yun
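
A defensive size check for the computation described in the message above, as an added example (not CPython's code and not part of the original message). The function names and the `file_offset` and `archive_size` parameters are assumptions for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Unchecked form of the computation in the message: the size field read from
 * the archive is used as-is. Unsigned arithmetic keeps the wrap well defined. */
long unchecked_bytes_size(long data_size, long compress)
{
    if (compress != 0)
        return (long)((unsigned long)data_size + 1UL);
    return data_size;
}

/* Hypothetical hardened helper: validate the fields before allocating.
 * Returns 0 and stores the allocation size in *bytes_size, or -1 to reject. */
int checked_bytes_size(long data_size, long compress, long file_offset,
                       long archive_size, size_t *bytes_size)
{
    /* Sizes and offsets taken from the archive can never be negative. */
    if (data_size < 0 || file_offset < 0 || archive_size < 0)
        return -1;
    /* The entry must lie entirely inside the archive, so the later read
     * cannot be asked for more bytes than the file holds. */
    if (file_offset > archive_size || data_size > archive_size - file_offset)
        return -1;
    /* bytes_size = data_size + 1 for compressed entries: refuse to wrap. */
    if (compress != 0) {
        if (data_size == LONG_MAX)
            return -1;
        data_size += 1;
    }
    *bytes_size = (size_t)data_size;
    return 0;
}

int main(void)
{
    size_t n = 0;
    /* Constructed sample values: data_size = -1, compress = 8. */
    printf("unchecked size: %ld\n", unchecked_bytes_size(-1, 8));
    printf("checked result: %d\n", checked_bytes_size(-1, 8, 0, 1000, &n));
    return 0;
}
```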
