Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 832736 (CVE-2021-41495) - <dev-python/numpy-1.22.2: null pointer dereference
Summary: <dev-python/numpy-1.22.2: null pointer dereference
Alias: CVE-2021-41495
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Depends on: 832750
  Show dependency tree
Reported: 2022-02-05 04:08 UTC by John Helmert III
Modified: 2022-02-05 09:01 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2022-02-05 04:08:50 UTC

"Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays."

Already bumped, so please stabilize when ready.