Severity
5.0 MEDIUM NVD
CNA 7.5 OSV 7.5
EPSS
1.2% (top 20.95%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: May 27
Latest update: May 13

Description

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (3 packages)

NVD python/python 2.5.0 2.5.6 +2
NVD opensuse/opensuse 11.2, 11.3 +1

Also affects: Fedora 13, Ubuntu Linux 10.04, 11.04, 11.10, 8.04

Patches

🔴 Vulnerability Details (6)

GHSA: GHSA-gr62-2592-229q: Multiple integer overflows in audioop (2022-05-13)
GHSA: GHSA-8428-fhph-pvrc: The audioop module in Python 2 (2022-05-13)
OSV: CVE-2010-1634: Multiple integer overflows in audioop (2010-05-27)
OSV: CVE-2010-2089: The audioop module in Python 2 (2010-05-27)
CVEList: CVE-2010-1634: Multiple integer overflows in audioop (2010-05-27)

📋 Vendor Advisories (8)

Ubuntu: Python 3.1 vulnerabilities (2012-10-24)
Ubuntu: Python 2.5 vulnerabilities (2012-10-17)
Ubuntu: Python 2.4 vulnerabilities (2012-10-17)
Ubuntu: Python 2.6 vulnerabilities (2012-10-04)
Red Hat: python: audioop: incorrect integer overflow checks (2010-05-10)

💬 Community (2)

Bugzilla: CVE-2010-2089 Python: Memory corruption in audioop module (2010-05-31)
Bugzilla: CVE-2010-1634 python: audioop: incorrect integer overflow checks (2010-05-10)
CVE-2010-1634 — Integer Overflow or Wraparound | cvebase