Pillow-Heif Integer Overflow Vulnerability Leading to Heap Out-of-Bounds Read

Vulnerability

An integer overflow vulnerability has been identified in the Pillow-Heif library, which is used for handling HEIF images in Python. This issue, present in versions prior to 1.3.0, arises from improper buffer validation in the encoding process. The vulnerability allows attackers to bypass bounds checks by specifying large image dimensions, causing a heap out-of-bounds read. This exploitation can result in information disclosure, with server heap memory leaking into encoded images, or a denial-of-service condition by crashing the processing application. The vulnerability triggers under default settings, without requiring any special configuration.

Impact

Exploitation of this vulnerability causes a heap out-of-bounds read, leading to a process crash. When AddressSanitizer is enabled, this overflow can be detected as a negative size parameter error, indicating that the bounds check was successfully bypassed. The out-of-bounds read can also be exploited to leak sensitive information from the server's memory into the encoded image, potentially including request data, Python objects, or private tokens.

Reproduction

The vulnerability can be reproduced by using the Pillow-Heif library to encode an image with dimensions that cause an integer overflow in the buffer validation. This can be done by setting a large stride value and height, which together exceed the maximum integer limit, or by using large dimensions that cause the width-height product to overflow. The encoding process can be monitored for errors or crashes, with the AddressSanitizer tool available to confirm the overflow issue.
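To make the mechanism concrete, the following is an added C example, not code from Pillow-Heif or its maintainers. It places a constructed `naive_fits` check, which computes stride × height in a 32-bit intermediate before comparing it with the buffer length (the pattern the advisory describes), beside a `safe_fits` check that rejects any product that cannot be represented before it is ever compared. The function names, the 32-bit intermediate and the sample dimensions are assumptions chosen to show the wraparound; none of them are taken from the library.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example of the weak pattern: the required size is computed in a
 * fixed-width type and only then compared with the buffer. A product that wraps
 * past UINT32_MAX compares small, so the bounds check passes and a later copy
 * reads stride*height bytes out of a buffer that is far shorter. With a signed
 * intermediate the wrapped value can be negative, which is what AddressSanitizer
 * reports as a negative size parameter. */
bool naive_fits(uint32_t stride, uint32_t height, size_t buffer_len) {
    uint32_t needed = stride * height;   /* wraps modulo 2^32 */
    return needed <= buffer_len;
}

/* Hardened pattern: refuse zero dimensions, refuse any product that would
 * overflow the widest available size type, and compare before any truncation.
 * On success the validated byte count is returned through needed_out. */
bool safe_fits(uint32_t stride, uint32_t height, size_t buffer_len,
               size_t *needed_out) {
    if (stride == 0 || height == 0) {
        return false;                     /* nothing sensible to encode */
    }
    if ((size_t)stride > SIZE_MAX / (size_t)height) {
        return false;                     /* product would not fit in size_t */
    }
    size_t needed = (size_t)stride * (size_t)height;
    if (needed > buffer_len) {
        return false;                     /* honest "too big" rejection */
    }
    if (needed_out) {
        *needed_out = needed;
    }
    return true;
}

/* Constructed sample dimensions (not values from the advisory):
 *   65536 x 65537 = 2^32 + 65536, which wraps to 65536 in 32 bits.
 * Against a 1 MiB buffer the naive check accepts this, the safe check rejects it. */
static void show(const char *label, uint32_t stride, uint32_t height, size_t buf) {
    size_t needed = 0;
    printf("%-26s naive=%s safe=%s\n", label,
           naive_fits(stride, height, buf) ? "accept" : "reject",
           safe_fits(stride, height, buf, &needed) ? "accept" : "reject");
}

int main(void) {
    const size_t buffer_len = (size_t)1 << 20;        /* 1 MiB constructed buffer */
    show("legit 4096x256", 4096u, 256u, buffer_len);   /* exactly fills the buffer */
    show("oversized 4096x1024", 4096u, 1024u, buffer_len);
    show("wrapping 65536x65537", 65536u, 65537u, buffer_len);
    return 0;
}
```

The division guard is portable C; on GCC and Clang `__builtin_mul_overflow` expresses the same intent more directly. The point is ordering: the overflow test must happen before the product is compared, and in a type at least as wide as `size_t`, otherwise the comparison is made against an already-wrapped value.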

Remediation

Users can upgrade to Pillow-Heif version 1.3.0 or later, where this vulnerability has been fixed.

Added: Feb 27, 2026, 8:24 PM
Updated: Feb 27, 2026, 8:24 PM

Vulnerability Rating (Custom Algorithm)

spread          0.0
impact          3.1
exploitability  6.6
remediation     0.0
relevance       3.3
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.