{"id":"PSF-2010-4","summary":"audioop integer overflows","details":"Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.","aliases":["CVE-2010-1634"],"modified":"2025-10-09T00:55:26.736033Z","published":"2010-05-27T19:00:00Z","database_specific":{"cwe_ids":[]},"references":[{"type":"REPORT","url":"https://bugs.python.org/issue8674"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python/cpython","events":[{"introduced":"0"},{"fixed":"7ceb497ae6f554274399bd9916ea5a21de443208"},{"fixed":"ee289e6cd5c009e641ee970cfc67996d8f871221"}]}],"versions":["v0.9.8","v0.9.9","v1.0.1","v1.0.2","v1.1","v1.1.1","v1.2","v1.2b1","v1.2b2","v1.2b3","v1.2b4","v1.3","v1.3b1","v1.4","v1.4b1","v1.4b2","v1.4b3","v1.5","v1.5.1","v1.5.2","v1.5.2a1","v1.5.2a2","v1.5.2b1","v1.5.2b2","v1.5.2c1","v1.5a1","v1.5a2","v1.5a3","v1.5a4","v1.5b1","v1.5b2","v1.6a1","v1.6a2","v2.0","v2.0b1","v2.0b2","v2.0c1","v2.1","v2.1a1","v2.1a2","v2.1b1","v2.1b2","v2.1c1","v2.1c2","v2.2a3","v2.3c1","v2.3c2","v2.4","v2.4a1","v2.4a2","v2.4a3","v2.4b1","v2.4b2","v2.4c1","v2.5a0","v2.5a1","v2.5a2","v2.5b1","v2.5b2","v2.5b3","v2.6","v2.6.1","v2.6.2","v2.6.2c1","v2.6.3","v2.6.3rc1","v2.6.4","v2.6.4rc1","v2.6.4rc2","v2.6.5","v2.6.5rc1","v2.6.5rc2","v2.6a1","v2.6a2","v2.6a3","v2.6b1","v2.6b2","v2.6b3","v2.6rc1","v2.6rc2"],"database_specific":{"vanir_signatures":[{"id":"PSF-2010-4-089048ea","target":{"file":"Modules/audioop.c"},"source":"https://github.com/python/cpython/commit/7ceb497ae6f554274399bd9916ea5a21de443208","signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["196221488950172925550644331932534438013","189482937106790974487117451542323051760","128124632389929399064464979486347852305","80366452554841449162056830552976713835","163456086712753299228322560937451675916","143942870675118306613615219700349720885","165100708944452796940240566622174075771","198437367510675418763152917465280530535","82097478808595579467027996374351835359","126519212345464101720242550191032702066","191414195554895176964115909934765792943","265622334341368273968217381202241777350","218724728069995030861719361922075818063","333257063349459487225507178640778406123"],"threshold":0.9},"deprecated":false},{"id":"PSF-2010-4-135d87ef","target":{"file":"Modules/audioop.c"},"source":"https://github.com/python/cpython/commit/ee289e6cd5c009e641ee970cfc67996d8f871221","signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["196221488950172925550644331932534438013","189482937106790974487117451542323051760","128124632389929399064464979486347852305","80366452554841449162056830552976713835","163456086712753299228322560937451675916","143942870675118306613615219700349720885","165100708944452796940240566622174075771","198437367510675418763152917465280530535","82097478808595579467027996374351835359","126519212345464101720242550191032702066","302016707278406119724458255654937869047","5714515429329146646602899079998014199","259508037812439674924927019010023121808","216385772479634061450847157053938661001"],"threshold":0.9},"deprecated":false},{"id":"PSF-2010-4-8201bb1b","target":{"function":"audioop_ratecv","file":"Modules/audioop.c"},"source":"https://github.com/python/cpython/commit/7ceb497ae6f554274399bd9916ea5a21de443208","signature_type":"Function","signature_version":"v1","digest":{"length":3676,"function_hash":"72787498096910933663130686643902866304"},"deprecated":false},{"id":"PSF-2010-4-a12651c7","target":{"function":"audioop_ratecv","file":"Modules/audioop.c"},"source":"https://github.com/python/cpython/commit/ee289e6cd5c009e641ee970cfc67996d8f871221","signature_type":"Function","signature_version":"v1","digest":{"length":3650,"function_hash":"174948461962022499679745888077650851886"},"deprecated":false}],"source":"https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2010-4.json"}}],"schema_version":"1.7.3"}