path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
References:
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
Created mingw-python-pillow tracking bugs for this issue: Affects: fedora-all [bug 2042524]
Created python-pillow tracking bugs for this issue: Affects: fedora-all [bug 2042523]
Created python3-pillow tracking bugs for this issue: Affects: epel-7 [bug 2042525]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0609 https://access.redhat.com/errata/RHSA-2022:0609
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0643 https://access.redhat.com/errata/RHSA-2022:0643
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0669 https://access.redhat.com/errata/RHSA-2022:0669
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:0665 https://access.redhat.com/errata/RHSA-2022:0665
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0667 https://access.redhat.com/errata/RHSA-2022:0667
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-22816