oss-sec mailing list archives
CVE Request: heap overflow in Python zipimport module
From: Insu Yun <wuninsu () gmail com>
Date: Wed, 15 Jun 2016 10:28:02 -0400
Hello. In Python zipimport module, if compress != 0, then bytes_size = data_size + 1 data_size is not sanitized, so if data_size = -1, then it overflows and becomes 0. In that case, python allocates small heap, but after that in freed, it overflows heap. Fix info https://bugs.python.org/issue26171 Please help assign a CVE to this vulnerability. Thank you. -- Regards Insu Yun
Current thread:
- CVE Request: heap overflow in Python zipimport module Insu Yun (Jun 15)
- Re: CVE Request: heap overflow in Python zipimport module cve-assign (Jun 16)