oss-sec mailing list archives
CVE Request: Python 2.7
From: mancha <mancha1 () zoho com>
Date: Tue, 23 Sep 2014 19:16:27 +0000
Hello.

Python 2.7.8 fixes a potential wraparound in buffer() [1a & 1b] with
possible CWE-200 implications [2].

If not yet assigned, please consider a CVE designation for this issue.

Thanks.

--mancha

(Note: Though the request is for Python 2.7, vulnerable code appears
to exist in EOL'd versions 1.6.1 through 2.6.9 as well)

-------

[1a] Issue report: http://bugs.python.org/issue21831
[1b] Upstream fix: https://hg.python.org/cpython/diff/8d963c7db507/Objects/bufferobject.c
[2] PoC for Python 2.7:

--- overflow.py ---
import sys
a = bytearray('CVE request')
b = buffer(a, sys.maxsize, sys.maxsize)
print b[:8192]
-------------------
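The class of wraparound the request describes, as an added C sketch that is not CPython's bufferobject.c and not part of the original post: a bounds clamp that tests `offset + size` lets the sum wrap when both values are near the maximum, while the rearranged comparison cannot overflow. The helper names are hypothetical, the inputs are assumed non-negative, and a 64-bit `sys.maxsize` is assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Two's-complement wrapped sum, as a typical build computes it. Signed
 * overflow is undefined in C, so the wrap is modelled through unsigned
 * arithmetic to keep this example well-defined. */
static int64_t wrapped_add(int64_t a, int64_t b)
{
    return (int64_t)((uint64_t)a + (uint64_t)b);
}

/* Hypothetical helper: clamp a requested view (offset, size) onto a base
 * object of `count` bytes by testing the sum. Returns the view length. */
static int64_t view_len_sum_check(int64_t count, int64_t offset, int64_t size)
{
    if (offset > count)
        offset = count;
    if (wrapped_add(offset, size) > count)  /* sum can wrap negative */
        size = count - offset;
    return size;
}

/* Same clamp with the comparison rearranged: after the offset clamp,
 * 0 <= count - offset <= count, so no term can overflow. */
static int64_t view_len_safe(int64_t count, int64_t offset, int64_t size)
{
    if (offset > count)
        offset = count;
    if (size > count - offset)
        size = count - offset;
    return size;
}

int main(void)
{
    int64_t count = 11;       /* len("CVE request"), as in the PoC */
    int64_t big = INT64_MAX;  /* sys.maxsize on a 64-bit build (assumed) */

    printf("sum check : view length %lld\n",
           (long long)view_len_sum_check(count, big, big));
    printf("safe check: view length %lld\n",
           (long long)view_len_safe(count, big, big));
    return 0;
}
```

A view length larger than the 11-byte base object means later slicing reads past the object, which is the CWE-200 exposure the request refers to.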
Current thread:
- CVE Request: Python 2.7 mancha (Sep 23)
- Re: CVE Request: Python 2.7 cve-assign (Sep 25)