Vulnerability CVE-2021-41495

Vulnerability Name:

CVE-2021-41495 (CCN-215808)

Assigned:

2021-05-19

Published:

2021-05-19

Updated:

2022-07-28

Summary:

** DISPUTED ** Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays.
Note: While correct that validation is missing, an error can only occur due to an exhaustion of memory. If the user can exhaust memory, they are already privileged. Further, it should be practically impossible to construct an attack which can target the memory exhaustion to occur at exactly this place.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-41495

Source: XF
Type: UNKNOWN
numpy-cve202141495-dos(215808)

Source: CCN
Type: NumPy GIT Repository
Missing return-value validation of the function PyArray_DescrNew #19038

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://github.com/numpy/numpy/issues/19038

Source: CCN
Type: NumPy Web site
NumPy

Source: CCN
Type: IBM Security Bulletin 6564599 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in NumPy

Source: N/A
Type: Third Party Advisory
N/A

Vulnerable Configuration:

Configuration 1:

cpe:/a:numpy:numpy:*:*:*:*:*:*:*:* (Version <= 1.19.0)

Configuration CCN 1:

cpe:/a:numpy:numpy:1.13.1:*:*:*:*:*:*:*

OR cpe:/a:numpy:numpy:1.16.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7776	P	python3-numpy-1.17.3-150400.23.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:95344	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:3659	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:5317	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:3714	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:6128	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:95289	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:662	P	Security update for python-numpy (Moderate)	2022-08-03
oval:org.opensuse.security:def:101865	P	Security update for python2-numpy (Moderate)	2022-03-31
oval:org.opensuse.security:def:102141	P	Security update for python2-numpy (Moderate)	2022-03-31
oval:org.opensuse.security:def:1203	P	Security update for python2-numpy (Moderate)	2022-03-31
oval:org.opensuse.security:def:1580	P	Security update for python2-numpy (Moderate)	2022-03-31

BACK