audioop input validation

Warning

This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.

The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the Open Source Vulnerability Database.

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse() with a one-byte string, a different vulnerability than CVE-2010-1634.

Dates:

  • Disclosure date: 2010-01-11 (Python issue bpo-7673 reported)

Fixed In

Python issue

audioop: check that length is a multiple of the size.

  • Python issue: bpo-7673
  • Creation date: 2010-01-11
  • Reporter: STINNER Victor
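The check named in the issue title, shown as an added example (not code from CPython or from this page): a pure-Python guard that rejects a fragment whose length is not a multiple of the sample size before any sample is indexed. The names check_fragment, reverse_samples and FragmentError are hypothetical, and the set of accepted widths (1, 2, 4) is an assumption of this example.

```python
# Added example: enforce the size/length relationship before touching samples.
# Assumption of this example: samples are 1, 2 or 4 bytes wide.
VALID_WIDTHS = (1, 2, 4)


class FragmentError(ValueError):
    """Raised when a fragment and its sample width are inconsistent."""


def check_fragment(fragment, width):
    """Return the number of whole samples in fragment, or raise."""
    if not isinstance(fragment, (bytes, bytearray)):
        raise TypeError("fragment must be bytes or bytearray")
    # bool is a subclass of int, so reject it explicitly.
    if isinstance(width, bool) or not isinstance(width, int):
        raise TypeError("width must be an int")
    if width not in VALID_WIDTHS:
        raise FragmentError("unsupported sample width: %r" % (width,))
    length = len(fragment)
    # The core check: every sample must be complete.
    if length % width != 0:
        raise FragmentError(
            "length %d is not a multiple of width %d" % (length, width))
    return length // width


def reverse_samples(fragment, width):
    """Reverse the order of samples; runs only on validated input."""
    count = check_fragment(fragment, width)
    data = bytes(fragment)
    return b"".join(data[i * width:(i + 1) * width]
                    for i in range(count - 1, -1, -1))


if __name__ == "__main__":
    # Constructed inputs: one well-formed fragment, one malformed one-byte string.
    for frag, width in ((b"\x01\x02\x03\x04", 2), (b"a", 2)):
        try:
            print(repr(frag), width, "->", repr(reverse_samples(frag, width)))
        except FragmentError as exc:
            print(repr(frag), width, "-> rejected:", exc)
```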

CVE-2010-2089

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

Timeline

Timeline using the disclosure date 2010-01-11 as reference: