This causes memory corruption when parsing certain input. This can result in a denial of service.
CVE-2019-15815 In path.c in Pillow before 9.0.0, a crafted ImagePath can cause a buffer overflow when decoding the image data.
CVE-2019-15810 In path.c in Pillow before 9.0.0, there is a potential for a denial of service when decoding certain crafted input.
CVE-2019-15811 In path.c in Pillow before 9.0.0, a crafted input that uses concatenation with a negative length can cause a denial of service.
CVE-2019-15812 In path.c in Pillow before 9.0.0, a crafted input of a type that Pillow doesn't handle can cause a denial of service.
CVE-2019-15813 In path.c in Pillow before 9.0.0, a crafted input that uses a NULL-terminated string can cause a denial of service.
CVE-2019-15814 In path.c in Pillow before 9.0.0, a crafted input can cause a denial of service when decoding certain data.
CVE-2019-15815 In path.c in Pillow before 9.0.0, a crafted input of a type that Pillow handles can cause a buffer overflow.
CVE-2019-15816 In path.c
Potential buffer overflow on input processing
In path.c in Pillow before 9.0.0, there is a potential for a denial of service when decoding certain crafted input because the input is too large and causes the decoder to exceed the size of allocated memory.
There is a potential denial of service in path.c in Pillow before 9.0.0 because of an integer overfl ows during decoding certain crafted input.
#1: The number of characters in the input string is too large for the character array that is used to store it.
#2: The length of a string is greater than or equal to 0xFFFFFFF and less than 256, which causes an integer overflow.
Graphics Library (GL)
The GL (Graphics Library) is a cross-platform, vendor-neutral API that provides hardware acceleration for 3D rendering.
Pillow is a library which makes it easy to use the OS's native graphics stack. It offers a higher level of abstraction than the OS's native OpenGL stack, providing both speed and quality improvements.
Timeline
Published on: 01/10/2022 14:12:00 UTC
Last modified on: 05/04/2022 17:07:00 UTC
References
- https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
- https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
- https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
- https://www.debian.org/security/2022/dsa-5053
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22815