Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. Reference: https://github.com/numpy/numpy/issues/19038
Created python2-numpy tracking bugs for this issue: Affects: epel-7 [bug 2035038] Created python3-numpy tracking bugs for this issue: Affects: epel-7 [bug 2035039]
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2022:8852 https://access.redhat.com/errata/RHSA-2022:8852
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2022:8861 https://access.redhat.com/errata/RHSA-2022:8861
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-41495