Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error can only occur due to an exhaustion of memory. If the user can exhaust memory, they are already privileged. Further, it should be practically impossible to construct an attack which can target the memory exhaustion to occur at exactly this place
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-17T19:25:19
Updated: 2024-08-04T03:15:28.284Z
Reserved: 2021-09-20T00:00:00
Link: CVE-2021-41495
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-12-17T20:15:08.477
Modified: 2024-08-04T04:15:39.510
Link: CVE-2021-41495
Redhat