Python: Multiple integer overflows
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 200807-01 / python |
| Release Date |
July 01, 2008 |
| Latest Revision |
July 01, 2008: 01 |
| Impact |
normal |
| Exploitable |
remote |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| dev-lang/python |
<
2.4.4-r13 |
revision >=
2.3.6-r6,
>=
2.4.4-r13 |
All supported architectures
|
Related bugreports:
#216673, #217221
Synopsis
Multiple integer overflows may allow for Denial of Service.
2.
Impact Information
Background
Python is an interpreted, interactive, object-oriented programming
language.
Description
Multiple vulnerabilities were discovered in Python:
- David
Remahl reported multiple integer overflows in the file imageop.c,
leading to a heap-based buffer overflow (CVE-2008-1679). This issue is
due to an incomplete fix for CVE-2007-4965.
- Justin Ferguson
discovered that an integer signedness error in the zlib extension
module might trigger insufficient memory allocation and a buffer
overflow via a negative signed integer (CVE-2008-1721).
- Justin
Ferguson discovered that insufficient input validation in the
PyString_FromStringAndSize() function might lead to a buffer overflow
(CVE-2008-1887).
Impact
A remote attacker could exploit these vulnerabilities to cause a Denial
of Service or possibly the remote execution of arbitrary code with the
privileges of the user running Python.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
The imageop module is no longer built in the unaffected versions.
All Python 2.3 users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.3.6-r6"
|
All Python 2.4 users should upgrade to the latest version:
Code Listing 3.2: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.4-r13"
|
4.
References
|
