What Are You Looking For?

Sign Up
MGASA-2022-0032 - Updated python-numpy packages fix security vulnerability

Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0032.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-33430,
     CVE-2021-41496

Buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function
of ctors.c (bsc#1193913). (CVE-2021-33430)
Buffer overflow that could lead to DoS in array_from_pyobj function of
fortranobject.c (bsc#1193907). (CVE-2021-41496)

References:
- https://bugs.mageia.org/show_bug.cgi?id=29904
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LQS3J3J4254A7C3LD55D7A432FZ2RFFI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33430
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41496

SRPMS:
- 8/core/python-numpy-1.19.4-1.1.mga8

Mageia 2022-0032: python-numpy security update

Buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function of ctors.c (bsc#1193913)

Summary

Buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function of ctors.c (bsc#1193913). (CVE-2021-33430) Buffer overflow that could lead to DoS in array_from_pyobj function of fortranobject.c (bsc#1193907). (CVE-2021-41496)

References

- https://bugs.mageia.org/show_bug.cgi?id=29904

- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LQS3J3J4254A7C3LD55D7A432FZ2RFFI/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33430

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41496

Resolution

MGASA-2022-0032 - Updated python-numpy packages fix security vulnerability

SRPMS

- 8/core/python-numpy-1.19.4-1.1.mga8

Severity
Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0032.html
Type: security
CVE: CVE-2021-33430, CVE-2021-41496

Related News

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Nov 21, 2023

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

Nov 15, 2023

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

Oct 19, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo