Vulnerabilities (CVE)

Filtered by vendor Libsdl Subscribe
Filtered by product Simple Directmedia Layer
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14410 3 Debian, Fedoraproject, Libsdl 3 Debian Linux, Fedora, Simple Directmedia Layer 2021-07-24 5.8 MEDIUM 5.4 MEDIUM
SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.
CVE-2020-14409 3 Debian, Fedoraproject, Libsdl 3 Debian Linux, Fedora, Simple Directmedia Layer 2021-07-24 6.8 MEDIUM 7.8 HIGH
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.
CVE-2019-12221 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
CVE-2019-14906 2 Libsdl, Redhat 2 Simple Directmedia Layer, Enterprise Linux 2021-04-05 7.5 HIGH 9.8 CRITICAL
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or execute code.
CVE-2019-13616 6 Canonical, Debian, Fedoraproject and 3 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2021-04-05 5.8 MEDIUM 8.1 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-7638 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2021-02-24 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
CVE-2019-7578 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2021-02-23 5.8 MEDIUM 8.1 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
CVE-2019-7635 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2021-02-23 5.8 MEDIUM 8.1 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
CVE-2019-7636 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2021-02-22 5.8 MEDIUM 8.1 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
CVE-2019-7577 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2021-02-22 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
CVE-2019-7575 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2021-02-22 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
CVE-2017-2888 2 Canonical, Libsdl 2 Ubuntu Linux, Simple Directmedia Layer 2021-02-11 6.8 MEDIUM 8.8 HIGH
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
CVE-2019-7637 3 Debian, Libsdl, Opensuse 3 Debian Linux, Simple Directmedia Layer, Leap 2020-08-24 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
CVE-2019-12216 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-7573 3 Debian, Libsdl, Opensuse 3 Debian Linux, Simple Directmedia Layer, Leap 2019-09-10 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
CVE-2019-7574 3 Debian, Libsdl, Opensuse 3 Debian Linux, Simple Directmedia Layer, Leap 2019-09-10 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7576 3 Debian, Libsdl, Opensuse 3 Debian Linux, Simple Directmedia Layer, Leap 2019-09-10 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
CVE-2019-7572 3 Debian, Libsdl, Opensuse 3 Debian Linux, Simple Directmedia Layer, Leap 2019-09-10 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-12222 1 Libsdl 1 Simple Directmedia Layer 2019-07-22 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
CVE-2019-12217 1 Libsdl 2 Sdl2 Image, Simple Directmedia Layer 2019-07-22 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.