[security-announce] Python 2.7.3: Security update

Sona Sarmadi sona.sarmadi at enea.com
Wed Mar 4 11:24:53 CET 2015



Enea Linux Security Advisory

=========================================================
Product/package: Python 2.7.3
Severity: Moderate
CVE Name: CVE-2014-4616
=========================================================
A security patch that fixes an arbitrary process memory read
vulnerability in the _json module is now available at
http://linux.enea.com/4.0/patches:

README file: 0051-python2.7.3-CVE-2014-4616.README
Patch file: 0051-python2.7.3-CVE-2014-4616.patch

Description
===========
Python 2 and 3 are susceptible to arbitrary process memory reading
by a user or adversary due to a bug in the _json module caused by
insufficient bounds checking.

The sole prerequisites of this attack are that the attacker is able
to control or influence the two parameters of the default scanstring
function: the string to be decoded and the index. The bug is caused
by allowing the user to supply a negative index value. The index value
is then used directly as an index to an array in the C code;
internally the address of the array and its index are added to each
other in order to yield the address of the value that is desired.
However, by supplying a negative index value and adding this to the
address of the array, the processor's register value wraps around
and the calculated value will point to a position in memory which
isn't within the bounds of the supplied string, causing the function
to access other parts of the process memory.

References
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616
http://bugs.python.org/issue21529

How to apply the patches
========================
- Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing patches in the right order.

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- Fetch and apply the new patch
wget http://linux.enea.com/4.0/patches/0051-python2.7.3-CVE-2014-4616.patch
patch -p1 < ./0051-python2.7.3-CVE-2014-4616.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

