CVE-2026-59199
Python 취약성 분석 및 완화

개요

CVE-2026-59199 is a heap out-of-bounds write vulnerability in Pillow, the Python imaging library, caused by signed 32-bit integer overflow in image coordinate arithmetic. When coordinates near the signed 32-bit integer limits are passed to Image.paste(), Image.crop(), or Image.alpha_composite(), the native C extension performs arithmetic that wraps around, bypassing bounds checks and triggering a backward heap underwrite. All Pillow versions prior to 12.3.0 are affected. The vulnerability was disclosed on July 14, 2026, with a fix merged on June 22, 2026, and released in Pillow 12.3.0. It carries a CVSS v3.1 base score of 7.5 (High) (GitHub Advisory).

기술적 세부 사항

The root cause is an integer overflow (CWE-190) in src/libImaging/Paste.c, where the box dimensions are computed as xsize = dx1 - dx0 and ysize = dy1 - dy0 using signed int arithmetic. When an attacker supplies coordinates such as dx0 = 2147483646 and dx1 = -2147483648, the subtraction wraps around to a small positive value that matches the source image dimensions, causing the subsequent bounds checks to pass incorrectly. The paste loop then computes a negative destination offset (multiplied by pixelsize), resulting in a memcpy writing attacker-controlled pixel bytes before the destination row allocation — a backward heap underwrite (CWE-787). The write offset and length both scale with the attacker-controlled source image width: for RGBA mode with width W, the write is 4*W bytes starting 4*W bytes before the destination row pointer, with a theoretical maximum of ~2 GiB. The same sink is reachable via Image.crop() (through ImagingCropImagingPaste) and Image.alpha_composite() (via its internal crop). No private APIs, malformed image files, or special privileges are required — only the ability to supply crafted coordinate values to these public APIs (GitHub Advisory, Fix PR).

영향

Successful exploitation primarily causes a denial of service: on standard Pillow builds, the heap corruption from the out-of-bounds write results in process abort with double free or corruption (out). In theory, the controlled backward heap underwrite — where attacker-supplied pixel data is written to arbitrary heap memory — could be leveraged for memory corruption beyond a crash, though no remote code execution has been demonstrated publicly. Applications that accept untrusted image coordinates (e.g., user-supplied crop boxes, paste positions, or overlay destinations) are directly at risk. The confidentiality and integrity impacts are rated None in the CVSS scoring, with availability impact rated High (GitHub Advisory).

착취 단계

  1. Identify target: Locate an application that uses Pillow < 12.3.0 and accepts attacker-controlled image coordinates for operations such as Image.paste(), Image.crop(), or Image.alpha_composite() — for example, a web service that allows users to specify crop or overlay positions.
  2. Craft malicious coordinates: Construct a 4-tuple box with coordinates near the signed 32-bit integer limits. For Image.paste(), use a box such as ((1 << 31) - W, 0, -(1 << 31), 1) where W is the width of the source image (e.g., W=2 gives (2147483646, 0, -2147483648, 1)).
  3. Prepare source image: Create or supply a source RGBA image of width W with attacker-controlled pixel values (e.g., Image.frombytes('RGBA', (W, 1), payload_bytes)).
  4. Trigger the vulnerability: Submit the crafted coordinates and source image to the target application, causing it to call dst.paste(src, box). The C layer computes xsize = dx1 - dx0, which wraps to W due to signed integer overflow, bypassing the size mismatch check.
  5. Heap corruption occurs: The paste loop computes a negative destination offset (dx * pixelsize = -4*W), and memcpy writes 4*W attacker-controlled bytes starting 4*W bytes before the destination row pointer, corrupting the heap.
  6. Observe impact: On standard builds, the process aborts with double free or corruption (out) during cleanup, achieving denial of service. Under ASAN, the signature is heap-buffer-overflow WRITE in ImagingPaste (GitHub Advisory).

타협의 징후

  • Logs: Application crash logs or Python tracebacks showing double free or corruption (out) or Aborted (core dumped) originating from Pillow image operations; ASAN reports showing heap-buffer-overflow WRITE in ImagingPaste at src/libImaging/Paste.c.
  • Process: Unexpected process termination or core dumps from Python processes using Pillow; repeated crashes of image-processing workers or services.
  • Application Input: Requests or inputs containing image coordinate values near signed 32-bit integer boundaries (approximately ±2,147,483,648), particularly in crop box, paste box, or overlay destination parameters.

완화 및 해결 방법

Upgrade Pillow to version 12.3.0 or later, which fixes the vulnerability by changing the dimension calculation variables xsize and ysize in src/libImaging/Paste.c from int to int64_t, preventing signed integer overflow (Fix Commit, Release 12.3.0). If immediate patching is not possible, restrict image coordinate inputs at the application layer to exclude values near the signed 32-bit integer limits (approximately ±2,147,483,648) before passing them to Pillow APIs. Input validation should reject any coordinate tuple where the computed width or height would overflow a 32-bit signed integer.

추가 자료


근원이 보고서는 AI를 사용하여 생성되었습니다.

관련 Python 취약점:

CVE ID

심각도

점수

기술

구성 요소 이름

CISA KEV 익스플로잇

수정 사항이 있습니다.

게시된 날짜

GHSA-r3hx-x5rh-p9vvHIGH8.7
  • Python logoPython
  • django-haystack
아니요Jul 15, 2026
CVE-2026-54457HIGH7.7
  • Python logoPython
  • tensorzero
아니요Jul 15, 2026
CVE-2026-50271HIGH7.5
  • Python logoPython
  • ddtrace
아니요Jul 15, 2026
CVE-2026-54254MEDIUM6.9
  • Python logoPython
  • cyberdrop-dl-patched
아니요Jul 15, 2026
CVE-2026-53656MEDIUM6.3
  • Python logoPython
  • fiftyone
아니요Jul 15, 2026

무료 취약성 평가

클라우드 보안 태세를 벤치마킹합니다

9개의 보안 도메인에서 클라우드 보안 관행을 평가하여 위험 수준을 벤치마킹하고 방어의 허점을 식별합니다.

평가 요청

추가 Wiz 리소스

맞춤형 데모 받기

맞춤형 데모 신청하기

"내가 본 최고의 사용자 경험은 클라우드 워크로드에 대한 완전한 가시성을 제공합니다."
데이비드 에슬릭최고정보책임자(CISO)
"Wiz는 클라우드 환경에서 무슨 일이 일어나고 있는지 볼 수 있는 단일 창을 제공합니다."
아담 플레처최고 보안 책임자(CSO)
"우리는 Wiz가 무언가를 중요한 것으로 식별하면 실제로 중요하다는 것을 알고 있습니다."
그렉 포니아토프스키위협 및 취약성 관리 책임자