
PEACH
Un framework di isolamento del tenant
CVE-2026-59198 is a heap out-of-bounds read vulnerability in Pillow's TGA RLE encoder that allows adjacent process heap memory to be serialized into generated TGA image files. Affecting Pillow versions 5.2.0 through 12.2.0, the flaw was disclosed on July 14, 2026, and is fixed in version 12.3.0. The vulnerability carries a CVSS v3.1 base score of 7.5 (High) per NVD, or 6.5 (Moderate) per the GitHub Security Advisory (GitHub Advisory).
The root cause is an out-of-bounds read (CWE-125) in src/libImaging/TgaRleEncode.c. When saving a mode "1" (1-bit black-and-white) image with TGA RLE compression, Pillow's _setimage() function in src/encode.c allocates a packed row buffer of ceil(width / 8) bytes — the correct size for a 1-bit-per-pixel format. However, ImagingTgaRleEncode() computes bytesPerPixel = (state->bits + 7) / 8 = 1, treating the row as one full byte per pixel and using pixel indexes as byte offsets. This mismatch causes the encoder to read far beyond the allocated buffer: at the maximum TGA width of 65535, the allocated buffer is 8192 bytes but the encoder walks 65535 bytes, creating an out-of-bounds window of up to 57343 bytes. The out-of-bounds bytes are then copied into the output TGA file via memcpy() in packet payload writes of up to 128 bytes each. The fix (PR #9709, commit eada3cb) raises an OSError when attempting to save a mode "1" image with tga_rle compression, since the TGA format specification does not define a black-and-white RLE data type (GitHub Advisory, Fix Commit).
Successful exploitation results in a high-severity information disclosure: up to ~57 KB of adjacent process heap memory can be embedded into a single output TGA file, with demonstrated coverage of 99.92% of the maximum adjacent heap window in testing on Pillow 12.2.0. This heap data may contain sensitive information such as cryptographic keys, session tokens, passwords, or other in-memory application data processed by the host application. There is no integrity or availability impact, but the confidentiality impact is rated High. The vulnerability is exploitable remotely if an attacker can supply a crafted mode "1" image to an application that saves it with TGA RLE compression (GitHub Advisory).
im.save(..., format="TGA", compression="tga_rle") or rle=True on user-supplied images).import io
from PIL import Image
out = io.BytesIO()
Image.new("1", (65535, 1), 0).save(out, format="TGA", compression="tga_rle")ceil(width / 8)), recovering up to ~57 KB of adjacent heap memory.format=TGA and compression=tga_rle or rle=True parameters on mode "1" images; ASAN or memory sanitizer alerts referencing TgaRleEncode.c or comparePixels if instrumented builds are in use.ImagingTgaRleEncode (GitHub Advisory).Upgrade Pillow to version 12.3.0 or later, which raises an OSError when attempting to save a mode "1" image with TGA RLE compression, preventing the out-of-bounds read entirely (Pillow Release, Fix Commit). If immediate patching is not possible, restrict or disable TGA RLE compression for mode "1" images in application code, or disable TGA image saving functionality altogether until the patch can be applied. Applications should also validate image mode before invoking save operations with RLE compression as a defense-in-depth measure (GitHub Advisory).
The vulnerability was reported by researcher Serotav and published as a GitHub Security Advisory (GHSA-fj7v-r99m-22gq) by the Pillow maintainer radarhere on July 7, 2026, with the fix merged on June 22, 2026, ahead of the public disclosure. The advisory includes detailed technical analysis and multiple runnable PoC scripts, reflecting the Pillow project's commitment to transparent security disclosure. No significant broader media coverage or notable social media reactions have been identified beyond standard CVE tracking and aggregator sites (GitHub Advisory).
Fonte: Questo report è stato generato utilizzando l'intelligenza artificiale
Valutazione gratuita delle vulnerabilità
Valuta le tue pratiche di sicurezza cloud in 9 domini di sicurezza per confrontare il tuo livello di rischio e identificare le lacune nelle tue difese.
Richiedi una demo personalizzata
"La migliore esperienza utente che abbia mai visto offre piena visibilità ai carichi di lavoro cloud."
"Wiz fornisce un unico pannello di controllo per vedere cosa sta succedendo nei nostri ambienti cloud."
"Sappiamo che se Wiz identifica qualcosa come critico, in realtà lo è."