Описание
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 1.3 | python-crypto | Will not fix | ||
| Red Hat Ceph Storage 2 | python-crypto | Will not fix | ||
| Red Hat Enterprise Linux 6 | python-crypto | Not affected | ||
| Red Hat Enterprise Linux 7 | python-crypto | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | python-crypto | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | python-crypto | Will not fix | ||
| Red Hat Enterprise Virtualization 3 | python-crypto | Not affected | ||
| Red Hat OpenShift Enterprise 3 | python-crypto | Will not fix | ||
| Red Hat OpenStack Platform 10 (Newton) | python-crypto | Will not fix | ||
| Red Hat OpenStack Platform 11 (Ocata) | python-crypto | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
Heap-based buffer overflow in the ALGnew function in block_templace.c ...
EPSS
9.8 Critical
CVSS3