Debian 9 Stretch DLA-2804-1 Moderate: libsdl1.2 Heap Overflow

debian lts

October 31, 2021

Several vulnerability have been fixed in libsdl2, the older version of the Simple DirectMedia Layer library that provides low level access to audio, keyboard, mouse, joystick, and ...

Topics Covered

security advisory debian heap overflow buffer over-read libsdl1.2

Summary

CVE-2019-7572

Buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c

CVE-2019-7573

Heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c

CVE-2019-7574

Heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c

CVE-2019-7575

Heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c

CVE-2019-7576

Heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c

CVE-2019-7577

Buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c

CVE-2019-7578

Heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c

CVE-2019-7635

Heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c

CVE-2019-7636

Heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c

CVE-2019-7637

Heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c

CVE-2019-7638

Heap-based buffer over-read in Map1toN in video/SDL_pixels.c

CVE-2019-13616

Heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c