Showing 1 - 3 of 3

CVE-2021-33430

Status Candidate

Overview

** DISPUTED ** A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user.

Related Files

Ubuntu Security Notice USN-5763-1: Posted Dec 7, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.; tags | advisory, denial of service, python; systems | linux, ubuntu; advisories | CVE-2021-33430, CVE-2021-34141; SHA-256 | 40ada0f71cfe2246d74c5f52c1ed606d4312af2338630c27267a73a8c26a3306; Download | Favorite | View

Red Hat Security Advisory 2022-0987-01: Posted Mar 25, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0987-01 - An update for numpy is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2021-33430, CVE-2021-41496; SHA-256 | 8f212e13147ff5f1d179357380be23c53ea08e59c04c6df2c4f9bdbe36707630; Download | Favorite | View

Red Hat Security Advisory 2022-1000-01: Posted Mar 24, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1000-01 - A fast multidimensional array facility for Python. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow, python; systems | linux, redhat; advisories | CVE-2021-33430, CVE-2021-41496; SHA-256 | 76aa73135456b18c518d7251996c8c9ca909eae28e4bf2fe48da0e967d9c5497; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 250 files
indoushka 146 files
Ubuntu 86 files
Gentoo 32 files
Debian 21 files
LiquidWorm 14 files
Apple 11 files
malvuln 8 files
Google Security Research 7 files
verylazytech 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,140)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,531)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,026)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,914)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

CVE-2021-33430

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems