CVE-2014-3606

Priority
Description
This issue was found while fuzzing PIL/pillow. A specially crafted
arguments passed to _imagingmath.unop() trigger crash in the native
code of the library.
.
The _imagingmath is an internal helper module used by the ImageMath
module, that is not meant to be used directly. The unop() function
uses its arguments as pointers, even a function pointer in case of its
first argument. Any use case where its called with untrusted arguments
would allow code execution.
.
However, that's not how unop() is used in ImageMath, which properly
constructs arguments for the function. Contrary to the information in
comment 0, observed crash is not triggered by a specially-crafted
image, but rather caused by an incorrect function use.
Package
Upstream:not-affected (not a security bug)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (not a security bug)
Package
Upstream:not-affected (not a security bug)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-01-14 22:13:58 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)