CVE-2026-59198
Homebrew Analisi e mitigazione delle vulnerabilità

Panoramica

CVE-2026-59198 is a heap out-of-bounds read vulnerability in Pillow's TGA RLE encoder that allows adjacent process heap memory to be serialized into generated TGA image files. Affecting Pillow versions 5.2.0 through 12.2.0, the flaw was disclosed on July 14, 2026, and is fixed in version 12.3.0. The vulnerability carries a CVSS v3.1 base score of 7.5 (High) per NVD, or 6.5 (Moderate) per the GitHub Security Advisory (GitHub Advisory).

Dettagli tecnici

The root cause is an out-of-bounds read (CWE-125) in src/libImaging/TgaRleEncode.c. When saving a mode "1" (1-bit black-and-white) image with TGA RLE compression, Pillow's _setimage() function in src/encode.c allocates a packed row buffer of ceil(width / 8) bytes — the correct size for a 1-bit-per-pixel format. However, ImagingTgaRleEncode() computes bytesPerPixel = (state->bits + 7) / 8 = 1, treating the row as one full byte per pixel and using pixel indexes as byte offsets. This mismatch causes the encoder to read far beyond the allocated buffer: at the maximum TGA width of 65535, the allocated buffer is 8192 bytes but the encoder walks 65535 bytes, creating an out-of-bounds window of up to 57343 bytes. The out-of-bounds bytes are then copied into the output TGA file via memcpy() in packet payload writes of up to 128 bytes each. The fix (PR #9709, commit eada3cb) raises an OSError when attempting to save a mode "1" image with tga_rle compression, since the TGA format specification does not define a black-and-white RLE data type (GitHub Advisory, Fix Commit).

Impatto

Successful exploitation results in a high-severity information disclosure: up to ~57 KB of adjacent process heap memory can be embedded into a single output TGA file, with demonstrated coverage of 99.92% of the maximum adjacent heap window in testing on Pillow 12.2.0. This heap data may contain sensitive information such as cryptographic keys, session tokens, passwords, or other in-memory application data processed by the host application. There is no integrity or availability impact, but the confidentiality impact is rated High. The vulnerability is exploitable remotely if an attacker can supply a crafted mode "1" image to an application that saves it with TGA RLE compression (GitHub Advisory).

Passaggi di sfruttamento

  1. Identify a target application: Find a web service or application that accepts image uploads and uses Pillow to save images in TGA format with RLE compression (i.e., calls im.save(..., format="TGA", compression="tga_rle") or rle=True on user-supplied images).
  2. Craft a malicious mode "1" image: Create a 1-bit (mode "1") image using Pillow or any image tool. For maximum heap disclosure, use the maximum TGA width of 65535 pixels:
import io
from PIL import Image
out = io.BytesIO()
Image.new("1", (65535, 1), 0).save(out, format="TGA", compression="tga_rle")
  1. Submit the image to the target: Upload or send the crafted mode "1" image to the vulnerable application, triggering the server-side TGA RLE save operation.
  2. Retrieve the output TGA file: Obtain the generated TGA file from the application's response or storage.
  3. Extract out-of-bounds heap bytes: Parse the TGA packet structure to identify and extract payload bytes whose source offsets fall outside the allocated packed row buffer (offsets >= ceil(width / 8)), recovering up to ~57 KB of adjacent heap memory.
  4. Analyze leaked heap data: Inspect the extracted bytes for sensitive information such as cryptographic material, session tokens, or application secrets (GitHub Advisory).

Indicatori di compromesso

  • Network: Unusual upload requests containing 1-bit (mode "1") images, particularly with maximum or near-maximum TGA width (up to 65535 pixels); responses containing unexpectedly large TGA files from image processing endpoints.
  • File System: Generated TGA files with anomalously large sizes relative to the input image dimensions; TGA files with RLE-encoded payloads containing non-image binary data patterns.
  • Logs: Application logs showing repeated image save operations with format=TGA and compression=tga_rle or rle=True parameters on mode "1" images; ASAN or memory sanitizer alerts referencing TgaRleEncode.c or comparePixels if instrumented builds are in use.
  • Process: Unexpected memory reads flagged by heap monitoring tools (e.g., Valgrind, AddressSanitizer) in the Pillow C extension, specifically in ImagingTgaRleEncode (GitHub Advisory).

Mitigazione e soluzioni alternative

Upgrade Pillow to version 12.3.0 or later, which raises an OSError when attempting to save a mode "1" image with TGA RLE compression, preventing the out-of-bounds read entirely (Pillow Release, Fix Commit). If immediate patching is not possible, restrict or disable TGA RLE compression for mode "1" images in application code, or disable TGA image saving functionality altogether until the patch can be applied. Applications should also validate image mode before invoking save operations with RLE compression as a defense-in-depth measure (GitHub Advisory).

Reazioni della comunità

The vulnerability was reported by researcher Serotav and published as a GitHub Security Advisory (GHSA-fj7v-r99m-22gq) by the Pillow maintainer radarhere on July 7, 2026, with the fix merged on June 22, 2026, ahead of the public disclosure. The advisory includes detailed technical analysis and multiple runnable PoC scripts, reflecting the Pillow project's commitment to transparent security disclosure. No significant broader media coverage or notable social media reactions have been identified beyond standard CVE tracking and aggregator sites (GitHub Advisory).

Risorse aggiuntive


FonteQuesto report è stato generato utilizzando l'intelligenza artificiale

Imparentato Homebrew Vulnerabilità:

CVE ID

Severità

Punteggio

Tecnologie

Nome del componente

Exploit CISA KEV

Ha la correzione

Data di pubblicazione

CVE-2026-59204HIGH8.7
  • Homebrew logoHomebrew
  • pillow
NoJul 14, 2026
CVE-2026-59205HIGH7.5
  • Python logoPython
  • python-pillow
NoJul 14, 2026
CVE-2026-59203HIGH7.5
  • Python logoPython
  • pillow
NoJul 14, 2026
CVE-2026-59199HIGH7.5
  • Python logoPython
  • pillow
NoJul 14, 2026
CVE-2026-59198HIGH7.5
  • Homebrew logoHomebrew
  • pillow
NoJul 14, 2026

Valutazione gratuita delle vulnerabilità

Benchmark della tua posizione di sicurezza del cloud

Valuta le tue pratiche di sicurezza cloud in 9 domini di sicurezza per confrontare il tuo livello di rischio e identificare le lacune nelle tue difese.

Richiedi valutazione

Richiedi una demo personalizzata

Pronti a vedere Wiz in azione?

"La migliore esperienza utente che abbia mai visto offre piena visibilità ai carichi di lavoro cloud."
David EstlickCISO (CISO)
"Wiz fornisce un unico pannello di controllo per vedere cosa sta succedendo nei nostri ambienti cloud."
Adam FletcherResponsabile della sicurezza
"Sappiamo che se Wiz identifica qualcosa come critico, in realtà lo è."
Greg PoniatowskiResponsabile della gestione delle minacce e delle vulnerabilità