CVE-2014-4616: JSONDecoder.raw_decode

Fix arbitrary memory access in JSONDecoder.raw_decode() with a negative second parameter.

Note: Issue #21529 was created on 2014-05-19, after the commit.

  • Disclosure date: 2014-04-13 (commit)
  • Reported by: Guido Vranken
  • Red Hat impact: Moderate
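
A check and a caller-side guard for the behaviour this fix introduces, as an added example (not CPython's own code). The helper names `interpreter_rejects_negative_idx`, `checked_raw_decode` and `decode_at_offsets` are hypothetical, and the sample input is constructed.

```python
import json

# Added example; the helper names below are hypothetical, not json-module APIs.

def interpreter_rejects_negative_idx():
    """True if this interpreter's raw_decode() refuses a negative start index.

    A fixed decoder raises ValueError (json.JSONDecodeError is a subclass).
    An unfixed C scanner may crash instead of returning False, so run this
    in a throwaway process when the interpreter's patch level is unknown.
    """
    try:
        json.JSONDecoder().raw_decode("a" * 42, -50000)  # constructed input
    except ValueError:
        return True
    return False


def checked_raw_decode(s, idx=0):
    """Validate idx in the caller before it reaches raw_decode()."""
    if isinstance(idx, bool) or not isinstance(idx, int):
        raise TypeError("idx must be an int")
    if idx < 0 or idx > len(s):
        raise ValueError("idx %d outside 0..%d" % (idx, len(s)))
    return json.JSONDecoder().raw_decode(s, idx)


def decode_at_offsets(blob, offsets):
    """Decode one JSON value at each caller-supplied offset; collect rejects."""
    values, rejected = [], []
    for off in offsets:
        try:
            value, _end = checked_raw_decode(blob, off)
        except (TypeError, ValueError) as exc:
            rejected.append((off, type(exc).__name__))
        else:
            values.append(value)
    return values, rejected


if __name__ == "__main__":
    blob = '{"a": 1}[2, 3]'                      # constructed sample
    print(interpreter_rejects_negative_idx())
    print(decode_at_offsets(blob, [0, 8, -1, 99, "7"]))
```

The guard matters for code that takes the start offset from outside the process, such as a framing header or a request parameter, and may run on interpreters older than the fixed releases listed in the timeline.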

Fixed In

Python issue

JSON module: reading arbitrary process memory.

  • Python issue: issue #21529
  • Creation date: 2014-05-19
  • Reporter: Benjamin Peterson

Timeline

Timeline using the disclosure date 2014-04-13 as reference:

  • 2014-04-13: Disclosure date (commit)
  • 2014-04-14 (+1 day): commit 6c939cb
  • 2014-04-14 (+1 day): commit 99b5afa
  • 2014-05-18 (+35 days): Python 3.4.1 released
  • 2014-05-19 (+36 days): Python issue #21529 reported by Benjamin Peterson
  • 2014-05-31 (+48 days): Python 2.7.7 released
  • 2014-10-11 (+181 days): Python 3.2.6 released
  • 2014-10-11 (+181 days): Python 3.3.6 released
  • 2015-09-09: Python 3.5.0 released