oss-sec mailing list archives

CVE Request: Python 2.7


From: mancha <mancha1 () zoho com>
Date: Tue, 23 Sep 2014 19:16:27 +0000

Hello.

Python 2.7.8 fixes a potential wraparound in buffer() [1a & 1b] with
possible CWE-200 implications [2].

If not yet assigned, please consider a CVE designation for this issue.

Thanks.

--mancha

(Note: Though the request is for Python 2.7, vulnerable code appears to
exist in EOL'd versions 1.6.1 through 2.6.9 as well)

-------
 
[1a] Issue report: http://bugs.python.org/issue21831
[1b] Upstream fix:
https://hg.python.org/cpython/diff/8d963c7db507/Objects/bufferobject.c

[2]  PoC for Python 2.7:

--- overflow.py ---
import sys
a = bytearray('CVE request')
b = buffer(a, sys.maxsize, sys.maxsize)
print b[:8192]
-------------------
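
An added example, not part of the original message and not CPython's code: a simplified C model of a length clamp that adds offset and size before comparing, next to a form that compares against the remaining space instead. The function names are hypothetical, and the inputs mirror the PoC (an 11-byte object, offset and size both sys.maxsize, assuming a 64-bit build).

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of clamping a view (offset, size) to a backing
 * object of `count` bytes. Illustrative only; not CPython source. */

/* Wrap-prone form: computes offset + size, then compares with count.
 * The sum is done in unsigned arithmetic and converted back so the
 * wraparound is reproducible here (signed overflow in C is undefined). */
static int64_t clamp_wrapping(int64_t offset, int64_t size, int64_t count)
{
    if (offset > count)
        offset = count;                 /* start is pinned to the end */
    int64_t end = (int64_t)((uint64_t)offset + (uint64_t)size);
    if (end > count)                    /* wrapped sum is negative: skipped */
        size = count - offset;
    return size;                        /* length the view will claim */
}

/* Wrap-free form: compares size with the space left after offset.
 * count - offset cannot overflow once 0 <= offset <= count holds. */
static int64_t clamp_safe(int64_t offset, int64_t size, int64_t count)
{
    if (offset < 0 || size < 0 || count < 0)
        return 0;                       /* reject nonsensical inputs */
    if (offset > count)
        offset = count;
    if (size > count - offset)
        size = count - offset;
    return size;
}

int main(void)
{
    const int64_t count = 11;           /* len('CVE request') */
    const int64_t big = INT64_MAX;      /* sys.maxsize on a 64-bit build */

    printf("wrap-prone clamp: view length = %lld\n",
           (long long)clamp_wrapping(big, big, count));
    printf("wrap-free clamp:  view length = %lld\n",
           (long long)clamp_safe(big, big, count));
    return 0;
}
```

With the wrap-prone clamp the view keeps its oversized length while starting at the end of the object, so a slice of it reads adjacent memory; the wrap-free clamp yields an empty view.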
