CVE-2021-3177

CWE-120Classic Buffer Overflow22 documents10 sources
Severity
9.8CRITICAL
EPSS
0.1%
top 78.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Python PythonDebian Debian LinuxFedoraproject Fedora+5 more
Timeline
PublishedJan 19
Latest updateJul 11

Description

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages13 packages

Debianpython2.7< 2.7.18-2
Debianpython3.9< 3.9.1-3
Ubuntupython2.7< 2.7.12-1ubuntu0~16.04.18+8
Ubuntupython3.5< 3.5.2-2ubuntu0~16.04.13
Ubuntupython3.6< 3.6.9-1~18.04ubuntu1.4

Also affects: Debian Linux 9.0, Fedora 32, 33

Patches

Patch: bugs.python.orgPatch: github.comPatch: python-security.readthedocs.io

🔴Vulnerability Details

7
GHSA
GHSA-hc96-xw56-vfwh: Python 32022-05-24
OSV
python2.7 vulnerability2022-02-08
OSV
python2.7 vulnerability2021-03-03
OSV
python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities2021-02-25
OSV
python2.7 regression2021-02-25

📋Vendor Advisories

13
Ubuntu
Python vulnerabilities2024-07-11
Oracle
Oracle Oracle Communications Risk Matrix: CNE (Python) — CVE-2021-31772022-07-15
Ubuntu
Python vulnerability2022-02-08
Oracle
Oracle Oracle Enterprise Manager Risk Matrix: Networking (Python) — CVE-2021-31772022-01-15
Oracle
Oracle Oracle Communications Applications Risk Matrix: Pricing (Python) — CVE-2021-31772021-10-15

💬Community

1
HackerOne
Buffer overflow in PyCArg_repr in _ctypes/callproc.c for Python 3.x to 3.9.12021-08-25