Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 523792 (CVE-2014-7185) - <dev-lang/python-2.7.9-r1: potential buffer overflow (CVE-2014-7185)
Summary: <dev-lang/python-2.7.9-r1: potential buffer overflow (CVE-2014-7185)
Status: RESOLVED FIXED
Alias: CVE-2014-7185
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: A2 [glsa]
Keywords:
Depends on: CVE-2014-9365
Blocks:
  Show dependency tree
 
Reported: 2014-09-26 13:24 UTC by Agostino Sarubbo
Modified: 2015-03-18 22:36 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-09-26 13:24:58 UTC
From ${URL} :

It was reported [1] that Python 2.7.8 fixes a potential wraparound in buffer() with possible 
CWE-200 implications.
Though the request says "Python 2.7", vulnerable code appears to exist in EOL'd versions 1.6.1 
through 2.6.9 as well
PoC:

--- overflow.py ---
import sys
a = bytearray('here be dragons')
b = buffer(a, sys.maxsize, sys.maxsize)
print b[:8192]
-------------------

Upstream fix is in [2]

[1]: http://seclists.org/oss-sec/2014/q3/638
[2]: https://hg.python.org/cpython/diff/8d963c7db507/Objects/bufferobject.c


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Mike Gilbert gentoo-dev 2014-09-26 14:35:03 UTC
Wouldn't this be covered by the python-2.7.8 ebuild already in the tree?
Comment 2 Agostino Sarubbo gentoo-dev 2014-11-28 14:18:57 UTC
(In reply to Mike Gilbert from comment #1)
> Wouldn't this be covered by the python-2.7.8 ebuild already in the tree?

yes
Comment 3 Mike Gilbert gentoo-dev 2014-11-28 15:56:21 UTC
Please proceed with stabilization then.
Comment 4 Yury German Gentoo Infrastructure gentoo-dev Security 2014-12-27 02:45:37 UTC
stabilizing <dev-lang/python-2.7.9-r1 as part of bug 532232
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2015-01-11 02:20:27 UTC
CVE-2014-7185 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7185):
  Integer overflow in bufferobject.c in Python before 2.7.8 allows
  context-dependent attackers to obtain sensitive information from process
  memory via a large size and offset in a "buffer" function.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2015-03-18 22:36:26 UTC
This issue was resolved and addressed in
 GLSA 201503-10 at https://security.gentoo.org/glsa/201503-10
by GLSA coordinator Kristian Fiskerstrand (K_F).