CVE-2008-2315: Multiple integer overflows (Apple)

Security patches from Apple: prevent integer overflows when allocating memory.

CVE-ID:

  • CVE-2008-1679 (imageop)
  • CVE-2008-1721 (zlib)
  • CVE-2008-1887 (PyString_FromStringAndSize())
  • CVE-2008-2315
  • CVE-2008-2316 (hashlib)
  • CVE-2008-3142 (unicode_resize(), PyMem_RESIZE())
  • CVE-2008-3144 (PyOS_vsnprintf())
  • CVE-2008-4864 (imageop)
  • Disclosure date: 2008-07-31 (commit)
  • Reported by: Apple

Fixed In

CVE-2008-2315

Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

Timeline

Timeline using the disclosure date 2008-07-31 as reference:

  • 2008-07-31: Disclosure date (commit)
  • 2008-07-31 (+0 days): commit e7d8be8
  • 2008-08-01 (+1 days): CVE-2008-2315 published
  • 2008-08-24 (+24 days): commit 3ce5d92
  • 2008-10-01 (+62 days): Python 2.6.0 released
  • 2008-12-03: Python 3.0.0 released