Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html below:

Buffer overflow in PyCArg_repr — Python Security 0.0 documentation

Warning

This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.

The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the Open Source Vulnerability Database.

There’s a buffer overflow in the ctypes PyCArg_repr() function.

Dates:

• Disclosure date: 2021-01-16 (Python issue bpo-42938 reported)

• Python 3.6.13 (2021-02-16) fixed by commit 34df10a (branch 3.6) (2021-01-18)

• Python 3.7.10 (2021-02-16) fixed by commit d9b8f13 (branch 3.7) (2021-01-18)

• Python 3.8.8 (2021-02-19) fixed by commit ece5dfd (branch 3.8) (2021-01-18)

• Python 3.9.2 (2021-02-19) fixed by commit c347cbe (branch 3.9) (2021-01-18)

• Python 3.10.0 (2021-10-04) fixed by commit 916610e (branch 3.10) (2021-01-18)

[security][CVE-2021-3177] ctypes double representation BoF.

• Python issue: bpo-42938

• Creation date: 2021-01-16

• Reporter: Jordy Zomer

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

• CVE ID: CVE-2021-3177

• Published: 2021-01-19

• CVSS Score: 7.5

Timeline using the disclosure date 2021-01-16 as reference:

• 2021-01-16: Python issue bpo-42938 reported by Jordy Zomer

• 2021-01-18 (+2 days): commit 34df10a (branch 3.6)

• 2021-01-18 (+2 days): commit 916610e (branch 3.10)

• 2021-01-18 (+2 days): commit c347cbe (branch 3.9)

• 2021-01-18 (+2 days): commit d9b8f13 (branch 3.7)

• 2021-01-18 (+2 days): commit ece5dfd (branch 3.8)

• 2021-01-19 (+3 days): CVE-2021-3177 published

• 2021-02-16 (+31 days): Python 3.6.13 released

• 2021-02-16 (+31 days): Python 3.7.10 released

• 2021-02-19 (+34 days): Python 3.8.8 released

• 2021-02-19 (+34 days): Python 3.9.2 released

• 2021-10-04: Python 3.10.0 released

• https://access.redhat.com/security/cve/cve-2021-3177

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4