Unity Linux 20.1070e Security Update: SDL2 (UTSA-2026-017800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017800 advisory. SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP...

CVE-2026-27950 FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...

CVE-2026-24680 FreeRDP has a heap-use-after-free in update_pointer_new(SDL)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

OPENSUSE-SU-2025:15205-1 SDL-1.2.15-1.1 on GA media

These are all security issues fixed in the SDL-1.2.15-1.1 package on the GA media of openSUSE Tumbleweed...

The vulnerability of the XFree function in the /src/video/x11/SDL_x11yuv.c file of the Simple DirectMediaLayer library allows a hacker to cause a service failure.

The vulnerability of the XFree function in the /src/video/x11/SDLx11yuv.c file of the Simple DirectMediaLayer library is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

SUSE CVE-2019-7573

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c inside the wNumCoef loop...

SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c inside the wNumCoef loop...

UBUNTU-CVE-2019-13626

SDL Simple DirectMedia Layer 2.x through 2.0.9 has a heap-based buffer over-read in FillIMAADPCMblock, caused by an integer overflow in IMAADPCMdecode in audio/SDLwave.c...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read. An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an out-of-bounds read in the SDL function SDLFreePaletteREAL at...

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29178)

Simple DirectMedia Layer SDL is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'SDLFillRect' function in the video/SDLsurface.c file in SDL versions 1.2.15 and...

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29177)

Simple DirectMedia Layer SDL is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'SDLFillRect' function in the video/SDLsurface.c file in SDL versions 1.2.15 and...

UBUNTU-CVE-2019-7572

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c...