Bug 1774066 (CVE-2019-16865) - CVE-2019-16865 python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service
Summary: CVE-2019-16865 python-pillow: reading specially crafted image files leads to ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-16865
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1774067 1774069 1776555 1790813 1790814 1803803 1803829 1804105
Blocks: 1774068
Reported: 2019-11-19 13:53 UTC by Guilherme de Almeida Suckevicz
Modified: 2020-03-12 01:30 UTC (History)

Fixed In Version: python-pillow 6.2.0
Doc Type: If docs needed, set a value
Doc Text:
A flaw was discovered in python-pillow: while processing specially crafted image files, the library may allocate a large amount of memory or take a long time, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw.
Clone Of:
Environment:
Last Closed: 2020-02-21 03:49:38 UTC
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:0566 0 None None None 2020-02-20 22:16:46 UTC
Red Hat Product Errata RHSA-2020:0578 0 None None None 2020-02-24 13:30:05 UTC
Red Hat Product Errata RHSA-2020:0580 0 None None None 2020-02-24 12:56:47 UTC

Internal Links: 1807387

Description Guilherme de Almeida Suckevicz 2019-11-19 13:53:17 UTC
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.

References:
https://pillow.readthedocs.io/en/latest/releasenotes/6.2.0.html
http://www.cvedetails.com/cve/CVE-2019-16865/
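A defender-side pre-decode guard, added here as an example and not part of this bug report or of Pillow's 6.2.0 fix: it reads only the declared dimensions from PNG, GIF and BMP headers and rejects a file whose declared pixel count would imply an outsized decode buffer before the bytes ever reach a decoder. MAX_PIXELS, BYTES_PER_PIXEL and the sample headers are constructed assumptions, not values from the report.

```python
import struct

# Constructed example values (assumptions, not from the bug report): a cap on the
# declared pixel count, in the spirit of Pillow's Image.MAX_IMAGE_PIXELS, and a
# worst-case bytes-per-pixel figure for the decoded buffer.
MAX_PIXELS = 50_000_000
BYTES_PER_PIXEL = 4


def declared_size(data: bytes):
    """Read (format, width, height) from the header alone, without decoding.
    Returns None for truncated input or formats this guard does not parse."""
    if data[:8] == b"\x89PNG\r\n\x1a\n" and data[12:16] == b"IHDR" and len(data) >= 24:
        w, h = struct.unpack(">II", data[16:24])          # IHDR width, height
        return "PNG", w, h
    if data[:6] in (b"GIF87a", b"GIF89a") and len(data) >= 10:
        w, h = struct.unpack("<HH", data[6:10])           # logical screen size
        return "GIF", w, h
    if data[:2] == b"BM" and len(data) >= 26 and struct.unpack("<I", data[14:18])[0] >= 40:
        w, h = struct.unpack("<ii", data[18:26])          # BITMAPINFOHEADER; h<0 = top-down
        return "BMP", abs(w), abs(h)
    return None


def check_image(data: bytes, max_pixels: int = MAX_PIXELS) -> dict:
    """Decide, from declared geometry only, whether a file may be handed to a decoder."""
    info = declared_size(data)
    if info is None:
        return {"ok": False, "reason": "unknown or truncated header"}
    fmt, w, h = info
    if w == 0 or h == 0:
        return {"ok": False, "format": fmt, "reason": "zero dimension"}
    pixels = w * h
    result = {"ok": pixels <= max_pixels, "format": fmt, "width": w, "height": h,
              "declared_pixels": pixels, "estimated_bytes": pixels * BYTES_PER_PIXEL}
    if not result["ok"]:
        result["reason"] = "declared size exceeds limit"
    return result


# Constructed samples: a PNG header declaring 100000 x 100000 pixels (about 40 GB
# of RGBA if decoded) and a small GIF header. Neither is a real file from the report.
BOMB_PNG = (b"\x89PNG\r\n\x1a\n" + struct.pack(">I", 13) + b"IHDR"
            + struct.pack(">II", 100_000, 100_000))
SMALL_GIF = b"GIF89a" + struct.pack("<HH", 16, 16)

if __name__ == "__main__":
    for name, blob in (("bomb.png", BOMB_PNG), ("small.gif", SMALL_GIF)):
        print(name, check_image(blob))
```

This bounds the memory side of the flaw only; the slow-processing side still calls for a per-file CPU or wall-clock limit in the worker that runs the decoder.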

Comment 1 Guilherme de Almeida Suckevicz 2019-11-19 13:53:30 UTC
Created python-pillow tracking bugs for this issue:

Affects: fedora-all [bug 1774067]

Comment 2 Guilherme de Almeida Suckevicz 2019-11-19 13:54:13 UTC
Created python-pillow tracking bugs for this issue:

Affects: openstack-rdo [bug 1774069]

Comment 9 errata-xmlrpc 2020-02-20 22:16:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:0566 https://access.redhat.com/errata/RHSA-2020:0566

Comment 10 Product Security DevOps Team 2020-02-21 03:49:38 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-16865

Comment 11 errata-xmlrpc 2020-02-24 12:56:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0580 https://access.redhat.com/errata/RHSA-2020:0580

Comment 12 errata-xmlrpc 2020-02-24 13:30:04 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:0578 https://access.redhat.com/errata/RHSA-2020:0578
