Fedora 44 SDL2_sound Critical Denial of Service Fix CVE-2025-14369 Advisory
fedora
March 14, 2026
Latest upstream snapshot from stable-2.0 branch
Summary
SDL_sound is a library that handles the decoding of several popular sound
file formats, such as .WAV and .OGG. It is meant to make the programmer's
sound playback tasks simpler. The programmer gives SDL_sound a filename,
or feeds it data directly from one of many sources, and then reads the
decoded waveform data back at her leisure. If resource constraints are a
concern, SDL_sound can process sound data in programmer-specified blocks.
Alternately, SDL_sound can decode a whole sound file and hand back a
single pointer to the whole waveform. SDL_sound can also handle sample
rate, audio format, and channel conversion on-the-fly and
behind-the-scenes, if the programmer desires.
Update Information:
Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled dr_flac.
Topics Covered
Change Log
* Thu Mar 5 2026 Dominik Mierzejewski
References
[ 1 ] Bug #2431177 - CVE-2025-14369 SDL2_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431177
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9b4cb66a86' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Name: SDL2_sound
Product: Fedora 44
Version: 2.0.5^20260117git1be041b
Release: 1.fc44
Summary: An abstract soundfile decoder library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!