Python: Multiple integer overflows
Multiple integer overflows may allow for Denial of Service.
python
July 01, 2008
July 01, 2008: 01
216673
217221
remote
2.3.6-r6
2.4.4-r13
2.4.4-r13
Python is an interpreted, interactive, object-oriented programming
language.
Multiple vulnerabilities were discovered in Python:
- David
Remahl reported multiple integer overflows in the file imageop.c,
leading to a heap-based buffer overflow (CVE-2008-1679). This issue is
due to an incomplete fix for CVE-2007-4965.
- Justin Ferguson
discovered that an integer signedness error in the zlib extension
module might trigger insufficient memory allocation and a buffer
overflow via a negative signed integer (CVE-2008-1721).
- Justin
Ferguson discovered that insufficient input validation in the
PyString_FromStringAndSize() function might lead to a buffer overflow
(CVE-2008-1887).
A remote attacker could exploit these vulnerabilities to cause a Denial
of Service or possibly the remote execution of arbitrary code with the
privileges of the user running Python.
There is no known workaround at this time.
The imageop module is no longer built in the unaffected versions.
All Python 2.3 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.3.6-r6"
All Python 2.4 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.4-r13"
CVE-2008-1679
CVE-2008-1721
CVE-2008-1887
keytoaster
keytoaster