Red Hat Bugzilla – Bug 816153
CVE-2012-2135 python3: Data leaks, memory damage and possible crash in utf-16 decoder
Last modified: 2016-11-08 11:18:57 EST
A security flaw was found in the way the UTF-16 decoder of Python, an interpreted, interactive, object-oriented programming language, handled error messages after processing of certain UTF-16 strings. If a Python UTF-16 module based application provided remote means to accept unsanitized input, a remote attacker could use this flaw to cause denial of service (python executable to leak data, cause memory damage and possibly crash).
Preliminary patches against the v3.2 version:
This issue affects the versions of the python3 package, as shipped with Fedora release of 15 and 16. Please schedule an update.
Created python3 tracking bugs for this issue
Affects: fedora-all [bug 816156]