CVE-2021-41495

17.12.2021, 20:15

Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error can only occur due to an exhaustion of memory. If the user can exhaust memory, they are already privileged. Further, it should be practically impossible to construct an attack which can target the memory exhaustion to occur at exactly this place

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Vendor	Product	Version
numpy	numpy	𝑥 ≤ 1.19.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

numpy

bullseye	unimportant
bookworm	unimportant
sid	unimportant
trixie	unimportant

Ubuntu Releases

Ubuntu Product

Codename

numpy

lunar	not-affected
kinetic	Fixed 1:1.21.5-1ubuntu22.10.1 released
jammy	Fixed 1:1.21.5-1ubuntu22.04.1 released
impish	ignored
hirsute	ignored
focal	Fixed 1:1.17.4-5ubuntu3.1 released
xenial	ignored
trusty	ignored

Known Exploits!

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://github.com/numpy/numpy/issues/19038

https://www.oracle.com/security-alerts/cpujul2022.html

https://github.com/numpy/numpy/issues/19038

https://www.oracle.com/security-alerts/cpujul2022.html