Astra Linux - уязвимость в libsdl2

In SDL Simple DirectMediaLayer versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the FillIMAADPCMblock function, caused by an integer overflow in the IMAADPCMDecode function in the audio/SDLwave.c file...

Astra Linux - уязвимость в libsdl1.2, libsdl2, sdl-image1.2

In SDL Simple DirectMediaLayer, versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDLblitN.c file, when it is called from the SDLSoftBlit function in the video/SDLblit.c file...

[SECURITY] Fedora 44 Update: SDL2_image-2.8.12-1.fc44

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL surfaces...

Unity Linux 20.1070e Security Update: SDL2 (UTSA-2026-017801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017801 advisory. SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file. Tenable has...

[SECURITY] Fedora 44 Update: SDL3_image-3.4.4-1.fc44

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This is a simple library to load images of various formats as SDL surfaces. It can load BMP, GIF, JPEG, LBM, PCX, PNG, PNM PPM/PGM/PBM, QOI, TGA, XCF,...

Astra Linux - уязвимость в libsdl1.2

SDL Simple DirectMediaLayer from version 1.2.15 to 2.x, and from 2.0.9 to 2.0.9, has a heap-based buffer overflow issue in the SDLFillRect function within the video/SDLsurface.c file...

Astra Linux - уязвимость в libsdl1.2, libsdl2

In SDL Simple DirectMedia Layer, from versions 1.2.15 onward, as well as in versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the Map1toN function within the video/SDLpixels.c file...

Astra Linux - уязвимость в libsdl1.2, libsdl2

SDL Simple DirectMediaLayer from version 1.2.15 to 2.x, and from version 2.0.9 to 2.0.9, has a heap-based buffer overflow issue in the MSADPCMDecode function within audio/SDLwave.c...

Astra Linux - уязвимость в libsdl1.2, libsdl2

In SDL Simple DirectMedia Layer, from versions 1.2.15 onward, as well as in versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the InitMSADPCM function within audio/SDLwave.c, specifically within the wNumCoef loop...

Astra Linux - уязвимость в libsdl1.2, libsdl2

In SDLLoadWAVRW in the audio/SDLwave.c file, there is an issue of buffer over-reading for versions from 1.2.15 up to 2.x, and further up to 2.0.9...

Astra Linux - уязвимость в libsdl1.2, libsdl2

The SDL Simple DirectMediaLayer versions from 1.2.15 up to 2.x, and from 2.0.9 up to 2.0.9, have a buffer over-reading issue in the IMAADPCMnibble function in the audio/SDLwave.c file...

Astra Linux - уязвимость в libsdl2

SDL Simple DirectMedia Layer version 2.0.12 has a heap-based buffer over-read issue in the function Blit3or4to3or4inversedrgb in the file video/SDLblitN.c, caused by a malicious .BMP file...

Astra Linux - уязвимость в libsdl1.2

SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDLx11yuv.c...

JLSEC-2026-363

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

JLSEC-2026-364

There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...

OPENSUSE-SU-2026:10494-1 SDL2_image-devel-2.8.10-1.1 on GA media

These are all security issues fixed in the SDL2image-devel-2.8.10-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

PT-2026-2929

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw due to a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread. This condition...

CVE-2025-50361

Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v1228, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash...

EUVD-2018-15623

Malware in sbrugna...