USN-6226-1: SciPy vulnerabilities
First published: Thu Jul 13 2023(Updated: )
It was discovered that SciPy did not properly manage memory operations during reference counting. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-25399) A use-after-free was discovered in SciPy when handling reference counts. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-29824)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/python3-scipy | <1.8.1-10ubuntu0.22.10.1 | 1.8.1-10ubuntu0.22.10.1 |
| Ubuntu Linux | =22.10 | |
| All of | ||
| ubuntu/python3-scipy | <1.8.0-1exp2ubuntu1+esm1 | 1.8.0-1exp2ubuntu1+esm1 |
| Ubuntu Linux | =22.04 | |
| All of | ||
| ubuntu/python3-scipy | <1.3.3-3ubuntu0.1~esm1 | 1.3.3-3ubuntu0.1~esm1 |
| Ubuntu Linux | =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/weakness
- agent/title
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu linux
- version/ubuntu linux/22.10
- version/ubuntu linux/22.04
- version/ubuntu linux/20.04