Back to bug 2220864
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Rohit Keshri | 2023-07-06 10:26:50 UTC | Summary | platform: refcounting issue leads to potential memory leak | scipy: refcounting issue leads to potential memory leak |
| Rohit Keshri | 2023-07-06 10:27:45 UTC | Alias | TRIAGE-CVE-2023-25399 | |
| Summary | scipy: refcounting issue leads to potential memory leak | TRIAGE-CVE-2023-25399 scipy: refcounting issue leads to potential memory leak | ||
| TEJ RATHI | 2023-07-06 11:03:51 UTC | CC | jkoehler, kaycoth, kshier, rbobbitt, stcannon | |
| Rohit Keshri | 2023-07-07 05:03:43 UTC | Depends On | 2221023, 2221029, 2221028, 2221026, 2221031, 2221027, 2221030, 2221024, 2221025 | |
| TEJ RATHI | 2023-07-07 06:48:34 UTC | CC | hhorak, jorton, mmuzila, nforro, python-maint | |
| TEJ RATHI | 2023-07-07 07:19:30 UTC | Depends On | 2221067, 2221065, 2221064, 2221069, 2221070, 2221066, 2221068 | |
| Red Hat Bugzilla | 2023-07-07 08:28:43 UTC | Assignee | security-response-team | nobody |
| Petr Viktorin | 2023-07-10 06:20:36 UTC | CC | pviktori | |
| TEJ RATHI | 2023-07-11 04:22:14 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| TEJ RATHI | 2023-07-19 10:18:25 UTC | Comment | 0 | updated |
| TEJ RATHI | 2023-07-19 10:27:00 UTC | Alias | TRIAGE-CVE-2023-25399 | CVE-2023-25399 |
| Summary | TRIAGE-CVE-2023-25399 scipy: refcounting issue leads to potential memory leak | CVE-2023-25399 scipy: refcounting issue leads to potential memory leak | ||
| Doc Text | SciPy is vulnerable to a denial of service, caused by a memory leak flaw in the Py_FindObjects() function due to new reference is not decreased. A local attacker could exploit this vulnerability, by sending a specially crafted request, forcing the application to leak memory and perform a denial of service attack. | |||
| RaTasha Tillery-Smith | 2023-07-19 12:59:10 UTC | Doc Text | SciPy is vulnerable to a denial of service, caused by a memory leak flaw in the Py_FindObjects() function due to new reference is not decreased. A local attacker could exploit this vulnerability, by sending a specially crafted request, forcing the application to leak memory and perform a denial of service attack. | A flaw was found in SciPy, where it is vulnerable to a denial of service caused by a memory leak flaw in the Py_FindObjects() function due to a new reference not being decreased. This flaw allows a local attacker to send a specially crafted request, forcing the application to leak memory and perform a denial of service attack. |
Back to bug 2220864