CVE-2021-3177: buffer overflow when parsing floats

Bug #1916480 reported by quazgar on 2021-02-22
This bug affects 2 people
Affects Status Importance Assigned to Milestone
python3.6 (Ubuntu)
Undecided
Unassigned
python3.8 (Ubuntu)
Undecided
Unassigned

Bug Description

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

See also https://ubuntu.com/security/CVE-2021-3177.

Fixed in 3.6.13.
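The description above names the root cause: sprintf with "%f" into a fixed buffer, where a double such as 1e300 expands to several hundred digits. The constructed C example below is not CPython's code or its patch; it measures how much output the "%f" conversion needs without performing the unbounded write, and shows a bounded replacement that reports truncation instead of overrunning. The 256-byte size and the "<cparam 'd' (...)>" repr shape are assumptions modelled on the affected function.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size of the fixed repr buffer in the vulnerable pattern. */
#define REPR_BUF 256

/* Bytes the "%f" repr would occupy (excluding the NUL). snprintf with a
 * NULL target only counts, so nothing is written anywhere. */
size_t f_format_len(double d) {
    int n = snprintf(NULL, 0, "<cparam 'd' (%f)>", d);
    return n < 0 ? 0 : (size_t)n;
}

/* 1 if an unbounded sprintf of this value into REPR_BUF bytes would run
 * past the end (output plus the terminating NUL does not fit). */
int would_overflow(double d) {
    return f_format_len(d) + 1 > REPR_BUF;
}

/* Hardened variant: bounded write, truncation detected and reported.
 * Returns 0 when the repr fits, -1 when it does not. */
int safe_repr(char *out, size_t outlen, double d) {
    int n = snprintf(out, outlen, "<cparam 'd' (%f)>", d);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

/* Helper for checking: format into a REPR_BUF-sized buffer and compare
 * against an expected string; returns 1 on an exact match, 0 otherwise
 * (including when safe_repr refused the value). */
int safe_repr_matches(double d, const char *expected) {
    char buf[REPR_BUF];
    if (safe_repr(buf, sizeof buf, d) != 0)
        return 0;
    return strcmp(buf, expected) == 0;
}

int main(void) {
    printf("1e300 needs %zu bytes, overflow=%d\n",
           f_format_len(1e300), would_overflow(1e300));
    return 0;
}
```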

CVE References

quazgar (quazgar) on 2021-02-22
information type: Private Security → Public Security
Leonidas S. Barbosa (leosilvab) wrote :

Hey there,

There is a security update ongoing for this issue. As soon as it's well tested, we will publish it.

Thanks!

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in python3.6 (Ubuntu):
status: New → Confirmed
Changed in python3.8 (Ubuntu):
status: New → Confirmed
Nanush (nanush7) on 2021-02-26
Changed in python3.8 (Ubuntu):
status: Confirmed → Fix Released