Showing 1 - 3 of 3

CVE-2021-33430

Status Candidate

Overview

** DISPUTED ** A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user.

Related Files

Ubuntu Security Notice USN-5763-1: Posted Dec 7, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.; tags | advisory, denial of service, python; systems | linux, ubuntu; advisories | CVE-2021-33430, CVE-2021-34141; SHA-256 | 40ada0f71cfe2246d74c5f52c1ed606d4312af2338630c27267a73a8c26a3306; Download | Favorite | View

Red Hat Security Advisory 2022-0987-01: Posted Mar 25, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0987-01 - An update for numpy is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2021-33430, CVE-2021-41496; SHA-256 | 8f212e13147ff5f1d179357380be23c53ea08e59c04c6df2c4f9bdbe36707630; Download | Favorite | View

Red Hat Security Advisory 2022-1000-01: Posted Mar 24, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1000-01 - A fast multidimensional array facility for Python. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow, python; systems | linux, redhat; advisories | CVE-2021-33430, CVE-2021-41496; SHA-256 | 76aa73135456b18c518d7251996c8c9ca909eae28e4bf2fe48da0e967d9c5497; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2021-33430

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems