2272563 – (CVE-2024-28219) CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c

Bug 2272563 (CVE-2024-28219) - CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c

Summary: CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c

Keywords:
Status:	NEW
Alias:	CVE-2024-28219
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2272569 2272567 2272568
Blocks:	2272557
TreeView+	depends on / blocked

Reported:	2024-04-01 23:34 UTC by Robb Gatica
Modified:	2025-04-01 08:28 UTC (History)
CC List:	34 users (show)
Fixed In Version:	pillow 10.3.0
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2024:3781	None	None	None	2024-06-10 18:37:39 UTC
Red Hat Product Errata	RHSA-2024:4227	None	None	None	2024-07-02 15:20:28 UTC
Red Hat Product Errata	RHSA-2024:5662	None	None	None	2024-08-20 20:30:41 UTC

Description Robb Gatica 2024-04-01 23:34:37 UTC

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Reference:
https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security

Upstream patch:
https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061

Comment 1 Robb Gatica 2024-04-01 23:48:24 UTC

Created python-pillow tracking bugs for this issue:

Affects: fedora-all [bug 2272567]


Created python3-pillow tracking bugs for this issue:

Affects: epel-all [bug 2272569]

Comment 5 errata-xmlrpc 2024-06-10 18:37:37 UTC

This issue has been addressed in the following products:

  Red Hat Ansible Automation Platform 2.4 for RHEL 9
  Red Hat Ansible Automation Platform 2.4 for RHEL 8

Via RHSA-2024:3781 https://access.redhat.com/errata/RHSA-2024:3781

Comment 6 errata-xmlrpc 2024-07-02 15:20:26 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:4227 https://access.redhat.com/errata/RHSA-2024:4227

Comment 7 joyu 2024-08-06 22:41:43 UTC

Hi Redhat team,

May I know if Red Hat Enterprise Linux 9 is impacted?

Comment 8 errata-xmlrpc 2024-08-20 20:30:38 UTC

This issue has been addressed in the following products:

  Red Hat Satellite 6.15 for RHEL 8

Via RHSA-2024:5662 https://access.redhat.com/errata/RHSA-2024:5662

Note You need to log in before you can comment on or make changes to this bug.

adudiak
bbuckingham
bcourt
bdettelb
davidn
ehelms
epacific
hkataria
jcammara
jhardy
jmitchel
jneedle
jobarker
joyu
jsherril
jtanner
kaycoth
kholdawa
kshier
lzap
mabashia
mhulan
nmoumoul
omaciel
orabin
pcreech
rbobbitt
rchan
simaishi
smcdonal
stcannon
teagle
yguenane
zsadeh