A flaw was found in the _unop() function in python-pillow's math add-on. A specially-crafted image could cause an application using Python Pillow to crash or, potentially, execute arbitrary code. Acknowledgements: This issue was discovered by Francisco Alonso of Red Hat Product Security.
This issue was found while fuzzing PIL/pillow. A specially crafted arguments passed to _imagingmath.unop() trigger crash in the native code of the library. The _imagingmath is an internal helper module used by the ImageMath module, that is not meant to be used directly. The unop() function uses its arguments as pointers, even a function pointer in case of its first argument. Any use case where its called with untrusted arguments would allow code execution. However, that's not how unop() is used in ImageMath, which properly constructs arguments for the function. Contrary to the information in comment 0, observed crash is not triggered by a specially-crafted image, but rather caused by an incorrect function use. Hence this is not a security issue.
Statement: Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.