While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2019-11-08T18:04:52
Updated: 2024-08-04T23:17:40.008Z
Reserved: 2019-05-28T00:00:00
Link: CVE-2019-12410
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-11-08T19:15:10.287
Modified: 2024-11-21T04:22:47.033
Link: CVE-2019-12410
Redhat
No data.