what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2021-33430

Status Candidate

Overview

** DISPUTED ** A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user.

Related Files

Ubuntu Security Notice USN-5763-1
Posted Dec 7, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.

tags | advisory, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-33430, CVE-2021-34141
SHA-256 | 40ada0f71cfe2246d74c5f52c1ed606d4312af2338630c27267a73a8c26a3306
Red Hat Security Advisory 2022-0987-01
Posted Mar 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0987-01 - An update for numpy is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2021-33430, CVE-2021-41496
SHA-256 | 8f212e13147ff5f1d179357380be23c53ea08e59c04c6df2c4f9bdbe36707630
Red Hat Security Advisory 2022-1000-01
Posted Mar 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1000-01 - A fast multidimensional array facility for Python. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, python
systems | linux, redhat
advisories | CVE-2021-33430, CVE-2021-41496
SHA-256 | 76aa73135456b18c518d7251996c8c9ca909eae28e4bf2fe48da0e967d9c5497
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close