Bug 975500 (CVE-2016-4009) - VUL-0: CVE-2016-4009: python-Pillow: Integer overflow in the ImagingResampleHorizontal function inlibImaging/Resample.c in Pillow before...
Summary: VUL-0: CVE-2016-4009: python-Pillow: Integer overflow in the ImagingResampleH...
Status: RESOLVED FIXED
Alias: CVE-2016-4009
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/167821/
Whiteboard: CVSSv2:SUSE:CVE-2016-4009:6.8:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-04-14 08:23 UTC by Johannes Segitz
Modified: 2020-05-06 13:17 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-04-14 08:23:39 UTC 
CVE-2016-4009

Integer overflow in the ImagingResampleHorizontal function in
libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have
unspecified impact via negative values of the new size, which triggers a
heap-based buffer overflow.

Fix: https://github.com/python-pillow/Pillow/commit/4e0d9b0b9740d258ade40cce248c93777362ac1e

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4009
https://github.com/python-pillow/Pillow/pull/1714
Comment 2 Swamp Workflow Management 2016-04-14 22:00:22 UTC 
bugbot adjusting priority
Comment 3 Dirk Mueller 2019-08-07 16:52:42 UTC 
submitted for cloud7, newer version not affected
Comment 5 Swamp Workflow Management 2019-09-09 13:16:13 UTC 
SUSE-SU-2019:2334-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 967970,975500
CVE References: CVE-2016-2533,CVE-2016-4009
Sources used:
SUSE OpenStack Cloud 7 (src):    python-Pillow-2.8.1-4.9.1
SUSE Enterprise Storage 4 (src):    python-Pillow-2.8.1-4.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Alexandros Toptsoglou 2020-04-24 14:58:31 UTC 
Done
Comment 8 Swamp Workflow Management 2020-05-06 13:17:48 UTC 
SUSE-SU-2020:1194-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 967970,975500
CVE References: CVE-2016-2533,CVE-2016-4009
Sources used:
SUSE Enterprise Storage 5 (src):    python-Pillow-2.8.1-3.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.