** DISPUTED ** A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. https://github.com/scipy/scipy/issues/14713 http://www.square16.org/achievement/cve-2023-29824/ https://github.com/scipy/scipy/pull/15013 https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
Created cura tracking bugs for this issue: Affects: fedora-37 [bug 2221055] Created espresso tracking bugs for this issue: Affects: epel-8 [bug 2221053] Created google-benchmark tracking bugs for this issue: Affects: epel-7 [bug 2221051] Affects: epel-8 [bug 2221054] Affects: fedora-37 [bug 2221056] Affects: fedora-38 [bug 2221058] Created python3-scipy tracking bugs for this issue: Affects: epel-7 [bug 2221052] Created scipy tracking bugs for this issue: Affects: fedora-37 [bug 2221057] Affects: fedora-38 [bug 2221059]
It seems this is not a CVE according to https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5009 https://access.redhat.com/errata/RHSA-2023:5009