Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Python | Python | 3.1 | 3.1 |
Python | Python | 3.2 | 3.2 |
Red Hat Enterprise Linux 4 | RedHat | python-0:2.3.4-14.10.el4 | * |
Red Hat Enterprise Linux 5 | RedHat | python-0:2.4.3-43.el5 | * |
Python2.4 | Ubuntu | dapper | * |
Python2.4 | Ubuntu | hardy | * |
Python2.4 | Ubuntu | jaunty | * |
Python2.4 | Ubuntu | karmic | * |
Python2.5 | Ubuntu | hardy | * |
Python2.5 | Ubuntu | jaunty | * |
Python2.5 | Ubuntu | karmic | * |
Python2.6 | Ubuntu | jaunty | * |
Python2.6 | Ubuntu | karmic | * |
Python2.6 | Ubuntu | lucid | * |
Python2.6 | Ubuntu | upstream | * |
Python2.7 | Ubuntu | upstream | * |
Python3.1 | Ubuntu | lucid | * |
Python3.1 | Ubuntu | upstream | * |
Python3.2 | Ubuntu | upstream | * |