How the CVE Works:
A heap buffer overflow occurs in Pillow (Python Imaging Library) when it processes large DDS-format images (>64k, encoded with default settings). The vulnerability arises from insufficient bounds checking when writing compressed DDS data, which lets an attacker overwrite adjacent heap memory and can lead to arbitrary code execution or crashes. The issue dates from Pillow 11.2.0, where DDS support was introduced. An attacker could craft a malicious DDS file that triggers uncontrolled writes, bounded only by the process crashing with a segmentation fault.
DailyCVE Form:
Platform: Pillow (Python Imaging Library)
Version: 11.2.0+
Vulnerability: Heap Buffer Overflow
Severity: Critical
Date: 2024-03-15
Prediction: Patch expected by 2024-04-10
What Undercode Say:
$ python3 -m pip show pillow   # Check installed version
$ dds_exploit.py --generate malicious.dds   # Proof-of-concept
How to Exploit:
- Craft oversized DDS image (>64k) with malicious payload.
- Trigger overflow via `Image.save()` in vulnerable Pillow versions.
- Exploit uncontrolled heap write for RCE or DoS.
Protection from this CVE:
- Upgrade to Pillow >=12.0.0 (once patched).
- If DDS is not needed, disable DDS support with runtime checks.
- Sanitize untrusted image inputs before processing.
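As an added example (not from the advisory, and not Pillow's own code), a stdlib-only pre-check that implements the last two mitigations: it gates on the version window the advisory states (affected from 11.2.0, fixed in >=12.0.0), refuses the DDS encoder for `Image.save()` on affected versions, and sniffs untrusted bytes for the DDS container so they can be rejected before Pillow touches them. The sample header, the function names and the policy of refusing all DDS input on affected versions are assumptions for illustration.

```python
import struct
from typing import Optional

# Version window as stated in the advisory: 11.2.0 and later are affected,
# with the fix expected in >= 12.0.0 (assumption: patch lands exactly there).
AFFECTED_MIN = (11, 2, 0)
FIXED_MIN = (12, 0, 0)

DDS_MAGIC = b"DDS "
DDS_HEADER_SIZE = 124  # dwSize of DDS_HEADER, which follows the 4-byte magic


def parse_version(version: str) -> tuple:
    """Turn '11.2.0' (or '11.2.0.post1') into a comparable 3-tuple of ints."""
    parts = []
    for piece in version.split(".")[:3]:
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def pillow_is_affected(version: str) -> bool:
    """True when the installed Pillow falls inside the advisory's window."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_MIN


def dds_save_allowed(fmt: str, version: str) -> bool:
    """Runtime gate for Image.save(): refuse the DDS encoder on affected versions."""
    return not (fmt.upper() == "DDS" and pillow_is_affected(version))


def sniff_dds(data: bytes) -> Optional[dict]:
    """Return width/height/flags from a DDS header, or None if not a DDS container."""
    if len(data) < 4 + DDS_HEADER_SIZE or data[:4] != DDS_MAGIC:
        return None
    size, flags, height, width = struct.unpack_from("<IIII", data, 4)
    if size != DDS_HEADER_SIZE:
        return None
    return {"width": width, "height": height, "flags": flags}


def accept_untrusted_image(data: bytes, version: str) -> bool:
    """Assumed policy: non-DDS input passes; DDS input is refused on affected versions."""
    if sniff_dds(data) is None:
        return True
    return not pillow_is_affected(version)


# Constructed sample: a 512x256 DDS header with the mandatory flag bits set.
SAMPLE_DDS = DDS_MAGIC + struct.pack("<IIII", 124, 0x1007, 256, 512) + b"\x00" * 108
```

Wire `accept_untrusted_image` in front of `Image.open()` on upload paths and `dds_save_allowed` in front of `Image.save()`, passing `PIL.__version__` as the version string.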
Impact:
- Remote Code Execution (RCE) via crafted DDS.
- Denial-of-Service (DoS) crashes.
- Memory corruption leading to data leaks.
Sources:
Reported By: github.com