Published: 07/02/2019 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

SDL (Simple DirectMedia Layer) up to and including 1.2.15 and 2.x up to and including 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libsdl simple directmedia layer
opensuse leap 42.3
opensuse leap 15.0
debian debian linux 8.0
debian debian linux 9.0
fedoraproject fedora 28
fedoraproject fedora 29
fedoraproject fedora 31
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04

Synopsis Moderate: SDL security update Type/Severity Security Advisory: Moderate Topic An update for SDL is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which give ...

Debian Bug report logs - #924609 libsdl12: Multiple security issues Package: src:libsdl12; Maintainer for src:libsdl12 is Debian SDL packages maintainers <pkg-sdl-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Thu, 14 Mar 2019 21:36:02 UTC Severity: grave Tags: patch, ...

Several security issues were fixed in SDL ...

SDL (Simple DirectMedia Layer) through 1215 and 2x through 209 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wavec (CVE-2019-7572) SDL (Simple DirectMedia Layer) through 1215 and 2x through 209 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wavec (inside the wNumCoef loop) (CVE-2019-7573) SDL (Simple DirectMe ...

Impact: Moderate Public Date: 2019-02-06 CWE: CWE-125 Bugzilla: 1676509: CVE-2019-7577 SDL: Buffer over ...

SDL (Simple DirectMedia Layer) through 1215 and 2x through 209 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wavec ...

CWE-125 https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720 https://bugzilla.libsdl.org/show_bug.cgi?id=4492 https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.html https://security.gentoo.org/glsa/201909-07 https://usn.ubuntu.com/4156-1/https://usn.ubuntu.com/4156-2/https://lists.debian.org/debian-lts-announce/2019/10/msg00020.html https://lists.debian.org/debian-lts-announce/2019/10/msg00021.html https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html https://lists.debian.org/debian-lts-announce/2021/10/msg00032.html https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html https://security.gentoo.org/glsa/202305-17 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFYUCO6D5APPM7IOZ5WOCYVY4DKSXFKD/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MD6EIV2CS6QNDU3UN2RVXPQOFQNHXCP7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/https://access.redhat.com/errata/RHSA-2020:4627 https://nvd.nist.gov https://usn.ubuntu.com/4156-2/

CVE-2019-7577

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect