Описание
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| bionic | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| cosmic | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| devel | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| disco | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 2.0.2+dfsg1-3ubuntu1.2 |
| esm-infra/bionic | not-affected | 2.0.6+dfsg1-2ubuntu2 |
| esm-infra/xenial | not-affected | 2.0.4+dfsg1-2ubuntu2 |
| precise/esm | not-affected | 1.2.14-6.4ubuntu3.1 |
| trusty | not-affected | 2.0.2+dfsg1-3ubuntu1.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.0.8+dfsg1-1ubuntu1.18.04.1 |
| cosmic | not-affected | 2.0.8+dfsg1-1ubuntu1.18.04.1 |
| devel | not-affected | 2.0.8+dfsg1-1ubuntu1.18.04.1 |
| disco | not-affected | 2.0.8+dfsg1-1ubuntu1.18.04.1 |
| esm-apps/bionic | not-affected | 2.0.8+dfsg1-1ubuntu1.18.04.1 |
| esm-apps/xenial | released | 2.0.4+dfsg1-2ubuntu2.16.04.2 |
| esm-infra-legacy/trusty | released | 2.0.2+dfsg1-3ubuntu1.3 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
An exploitable integer overflow vulnerability exists when creating a n ...
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
Уязвимость библиотеки Simple DirectMedia Layer, связанная с целочисленным переполнением, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
6.8 Medium
CVSS2
8.8 High
CVSS3