Other IDs this deficiency may be known by:
|Date Last Modified
Version Specific Information:
|Cucumber 1.0 i686   ||fixed in python3-3.6.4-i686-2   |
|Cucumber 1.0 x86_64 ||fixed in python3-3.6.4-x86_64-2 |
|Cucumber 1.1 i686   ||fixed in python3-3.6.4-i686-2   |
|Cucumber 1.1 x86_64 ||fixed in python3-3.6.4-x86_64-2 |
=================================== Overview ===================================
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4
does not ensure a nonzero channel value, which allows attackers to cause a
denial of service (divide-by-zero error and application crash) via a crafted
wav format audio file.
================================ Initial Report ================================
I found a bug in wave.py because there is no check for self._channel in the
_read_fmt_chunk function. When I try to open a wav file whose channel count is
zero, it crashes because of a divide by zero in the initfp function.
================================= Our Analysis =================================
----- Affected Products -----
Python 3 up to and including 3.6.4 that has not had the patch from
applied is vulnerable to this. At the time of this writing, 3.6.4 is the latest
release of Python 3; future versions may or may not be affected.
----- Scope and Impact of this Vulnerability -----
Allows an attacker to cause a denial of service (an uncaught ZeroDivisionError
and application crash) in any application that uses the standard Python wave
module to parse an attacker-supplied WAV file. No code execution or
information disclosure results; the impact is limited to availability of the
parsing process.
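The following is an added example written for this advisory; it is not code
from the bug report, from CPython, or from the Cucumber package. It builds a
constructed WAV file whose fmt chunk declares zero channels, shows what an
unguarded call to wave.open sees (ZeroDivisionError on an unpatched 3.6.4
interpreter, wave.Error on a patched one), and demonstrates the kind of
pre-validation an application can do itself: an independent fmt-chunk parser
that rejects a zero channel count (the check the upstream fix adds) and, as an
extra precaution assumed here, a zero sample width, before the frame size
that wave.py divides by is ever computed. The function names build_wav,
read_fmt_chunk, open_wav and crash_unguarded are this example's own.

```python
import io
import struct
import wave


def build_wav(nchannels, sampwidth=2, framerate=8000, frames=b"\x00\x00" * 4):
    """Constructed sample input: a minimal RIFF/WAVE file with a 16-byte
    PCM fmt chunk.  Every field is chosen here for the demonstration; a
    real crafted file only needs nchannels set to 0."""
    blockalign = nchannels * sampwidth
    fmt_body = struct.pack("<HHIIHH", 1, nchannels, framerate,
                           framerate * blockalign, blockalign, sampwidth * 8)
    body = (b"WAVE"
            + b"fmt " + struct.pack("<I", len(fmt_body)) + fmt_body
            + b"data" + struct.pack("<I", len(frames)) + frames)
    return b"RIFF" + struct.pack("<I", len(body)) + body


def read_fmt_chunk(data):
    """Independent parser for the first 'fmt ' chunk; returns
    (nchannels, sampwidth).  Raises ValueError on a malformed header or on
    a zero channel count / sample width, i.e. the check wave.py lacked."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"WAVE":
        raise ValueError("not a RIFF/WAVE file")
    pos = 12
    while pos + 8 <= len(data):
        name = data[pos:pos + 4]
        size = struct.unpack_from("<I", data, pos + 4)[0]
        body = data[pos + 8:pos + 8 + size]
        if name == b"fmt ":
            if len(body) < 16:
                raise ValueError("fmt chunk too short")
            tag, nchannels, _, _, _, bits = struct.unpack_from("<HHIIHH", body)
            if tag != 1:  # only plain PCM is handled by this example
                raise ValueError("unsupported format tag %d" % tag)
            sampwidth = (bits + 7) // 8
            if nchannels == 0:
                raise ValueError("bad # of channels")
            if sampwidth == 0:  # assumed extra check, not from the advisory
                raise ValueError("bad sample width")
            return nchannels, sampwidth
        pos += 8 + size + (size & 1)  # RIFF chunks are word-aligned
    raise ValueError("no fmt chunk")


def open_wav(data):
    """Guarded open: validate the fmt chunk first, then hand the bytes to the
    standard library.  Returns (nchannels, sampwidth, nframes), or None when
    the input is rejected.  ZeroDivisionError is caught as well so that an
    unpatched interpreter still fails closed instead of crashing."""
    try:
        read_fmt_chunk(data)
        with wave.open(io.BytesIO(data), "rb") as w:
            return w.getnchannels(), w.getsampwidth(), w.getnframes()
    except (ValueError, wave.Error, EOFError, ZeroDivisionError):
        return None


def crash_unguarded(data):
    """What an application calling wave.open directly sees: the exception
    class name raised while reading the frame count, or 'ok'."""
    try:
        with wave.open(io.BytesIO(data), "rb") as w:
            w.getnframes()
        return "ok"
    except Exception as exc:
        return type(exc).__name__


if __name__ == "__main__":
    crafted = build_wav(0)
    print("unguarded:", crash_unguarded(crafted))   # ZeroDivisionError on 3.6.4, Error when patched
    print("guarded:  ", open_wav(crafted))          # None
    print("benign:   ", open_wav(build_wav(1)))     # (1, 2, 4)
```

Running this under Python 3.6.4 without the patch makes crash_unguarded
return "ZeroDivisionError", the crash from the report; under a patched
interpreter it returns "Error" (wave.Error). open_wav returns None in both
cases, which is the behaviour an application that accepts untrusted audio
should aim for regardless of the interpreter it runs on.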
----- Fix for this Vulnerability -----
This vulnerability has been fixed by
================================= Our Solution =================================
We have applied a modified version of the aforementioned patch and rebuilt. Our
modified patch can be found at: