In Python 2.7, Python 3.4 and Python 3.5 there is a possible integer overflow in PyString_DecodeEscape function of the file stringobject.c, which can be abused to gain a heap overflow, possibly leading to arbitrary code execution.
Created python tracking bugs for this issue:
Affects: fedora-all [bug 1519606]
Created python26 tracking bugs for this issue:
Affects: fedora-all [bug 1519602]
Created python3 tracking bugs for this issue:
Affects: fedora-all [bug 1519604]
Created python33 tracking bugs for this issue:
Affects: fedora-all [bug 1519605]
Created python34 tracking bugs for this issue:
Affects: fedora-all [bug 1519601]
Created python35 tracking bugs for this issue:
Affects: fedora-all [bug 1519603]
This issue affects the versions of python as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7, and python27-python, rh-python34-python, and rh-python35-python as shipped with Red Hat Software Collections 3. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
And for 3.4 and 3.5:
"You need to compile a 1 GiB Python file on 32-bit system for reproducing it. It is very unlikely that this can happen by accident, and it is hard to used it in security attack. If you can make the attacked program compiling a 1 GiB Python file, you perhaps have easier ways to make a harm."
"In the highly unlikely but definitely possible situation that we pass it a very large string (in the order of ~1GB on a 32-bit Python install), one can reliably get heap corruption."