[Bug 2042511] New: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Bug ID: 2042511 Summary: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: gsuckevi@redhat.com CC: bdettelb@redhat.com, cstratak@redhat.com, epel-packagers-sig@lists.fedoraproject.org, infra-sig@lists.fedoraproject.org, manisandro@gmail.com, miminar@redhat.com, orion@nwra.com, python-maint@redhat.com, python-sig@lists.fedoraproject.org, torsava@redhat.com Target Milestone: --- Classification: Other
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
References: https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae... https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagep...
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2042512, 2042513, 2042514
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2042512 [Bug 2042512] CVE-2022-22815 mingw-python-pillow: python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042513 [Bug 2042513] CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042514 [Bug 2042514] CVE-2022-22815 python3-pillow: python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Comment #1 from Guilherme de Almeida Suckevicz gsuckevi@redhat.com --- Created mingw-python-pillow tracking bugs for this issue:
Affects: fedora-all [bug 2042512]
Created python-pillow tracking bugs for this issue:
Affects: fedora-all [bug 2042513]
Created python3-pillow tracking bugs for this issue:
Affects: epel-7 [bug 2042514]
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Guilherme de Almeida Suckevicz gsuckevi@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2042533
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Sandipan Roy saroy@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed In Version| |Pillow 9.0.0
--- Doc Text *updated* --- A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, which can lead to a Buffer Over-read and Improper Initialization. This flaw allows an attacker to access memory that leads us to memory access errors, incorrect results, crashes,
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Sandipan Roy saroy@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2048363
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Doc Text *updated* by Sandipan Roy saroy@redhat.com --- A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, which can lead to a Buffer Over-read and Improper Initialization. This flaw allows an attacker to unauthorized memory access that leads us to memory access errors, incorrect results or crashes,
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Doc Text *updated* by RaTasha Tillery-Smith rtillery@redhat.com --- A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to unauthorized memory access that causes memory access errors, incorrect results, or crashes.
https://bugzilla.redhat.com/show_bug.cgi?id=2042511 Bug 2042511 depends on bug 2042512, which changed state.
Bug 2042512 Summary: CVE-2022-22815 mingw-python-pillow: python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042512
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=2042511 Bug 2042511 depends on bug 2042513, which changed state.
Bug 2042513 Summary: CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042513
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Doc Text *updated* by Riccardo Schirone rschiron@redhat.com --- A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to access unauthorized memory that causes memory access errors, incorrect results, or crashes.
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Riccardo Schirone rschiron@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(cstratak@redhat.c | |om)
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Charalampos Stratakis cstratak@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(cstratak@redhat.c | |om) |
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Doc Text *updated* by Sandipan Roy saroy@redhat.com --- A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to improperly initializing the ImagePath. This flaw allows an attacker to access unauthorized memory that causes memory access errors, incorrect results, or crashes.
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Riccardo Schirone rschiron@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(cstratak@redhat.c | |om)
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Charalampos Stratakis cstratak@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(cstratak@redhat.c | |om) |
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Riccardo Schirone rschiron@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |2048375
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
--- Comment #10 from Product Security DevOps Team prodsec-dev@redhat.com --- This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2022-22815
https://bugzilla.redhat.com/show_bug.cgi?id=2042511
Product Security DevOps Team prodsec-dev@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |ERRATA Status|NEW |CLOSED Last Closed| |2022-05-06 03:15:19
epel-packagers-sig@lists.fedoraproject.org
-
bugzilla@redhat.com