Описание
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
Отчет
Red Hat products using an affected version of numpy are at essentially no risk of exploitation from this vulnerability given the high privileges and high complexity required for successful exploitation. The preconditions necessary to exploit are:
- A privileged user or a non-standard configuration of numpy to provide a non-validated dtype string.
- The ability to execute arbitrary code at runtime. More specifically:
- A user must be able to provide a non-validated dtype string to be parsed by numpy; something that would require a privileged user or a non-standard configuration.
- Even then, the specific code block where the vulnerability is present cannot be reached without the attacker modifying the runtime environment to prevent an error from being thrown earlier in the code (before the string comparison), when the code checks an internal dictionary to determine the validity of the user-provided string type. Such runtime modifications would require executing arbitrary Python code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | numpy | Not affected | ||
| Red Hat Enterprise Linux 7 | numpy | Not affected | ||
| Red Hat Enterprise Linux 8 | inkscape:flatpak/numpy | Fix deferred | ||
| Red Hat Enterprise Linux 8 | numpy | Fix deferred | ||
| Red Hat Enterprise Linux 8 | python27:2.7/numpy | Fix deferred | ||
| Red Hat Enterprise Linux 8 | python38:3.8/numpy | Fix deferred | ||
| Red Hat Enterprise Linux 8 | python39:3.9/numpy | Fix deferred | ||
| Red Hat Enterprise Linux 9 | numpy | Will not fix | ||
| Red Hat OpenStack Platform 13 (Queens) | numpy | Not affected | ||
| Red Hat OpenStack Platform 16.1 | numpy | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
2.2 Low
CVSS3
Связанные уязвимости
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
An incomplete string comparison in the numpy.core component in NumPy b ...
EPSS
2.2 Low
CVSS3