python: boundary error within the sock_recvfrom_into() (CVE-2014-1912)
A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
http://bugs.python.org/issue20246
https://bugzilla.redhat.com/show\_bug.cgi?id=1062370
(from redmine: issue id 2709, created on 2014-02-21, closed on 2014-03-03)
- Relations:
- child #2710 (closed)
- child #2711 (closed)
- child #2712 (closed)
- child #2713 (closed)