CVE-2026-42308: Pillow Font Int Overflow DoS
The vulnerability lies in an integer overflow within Pillow’s font processing logic. By analyzing the commits between the vulnerable and patched versions, specifically commit ec8272044d2adfc97a5f4b6e921c1a908318d9cb, the root cause was identified. The patch changes the data types of position and advanced variables from int to long inside the bounding_box_and_anchors function in src/_imagingft.c. This function calculates the position and bounding box for text rendering. The overflow would occur in this function when processing a font with a very large glyph advance value, causing the position and advanced variables to wrap around. Therefore, the bounding_box_and_anchors function is the precise location of the vulnerability.
Read more here: Source link
