A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. Reference: https://github.com/numpy/numpy/issues/18939
Created python2-numpy tracking bugs for this issue: Affects: epel-7 [bug 2035035]
Upstream commit: https://github.com/numpy/numpy/commit/ae317fd9ff3e79c0eac357d723bfc29cbd625f2e
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2022:1000 https://access.redhat.com/errata/RHSA-2022:1000
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2022:0987 https://access.redhat.com/errata/RHSA-2022:0987
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-33430