An exploitable heap-based buffer overflow vulnerability exists when loading
a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead
to a buffer overflow and potential code execution. An attacker can provide
a specially crafted image file to trigger this vulnerability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | libsdl2-image | <Â any | UNKNOWN |
ubuntu | 14.04 | noarch | libsdl2-image | <Â 2.0.0+dfsg-3+deb8u2build0.14.04.1~esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | libsdl2-image | <Â any | UNKNOWN |
ubuntu | 18.04 | noarch | sdl-image1.2 | <Â 1.2.12-8ubuntu0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | sdl-image1.2 | <Â 1.2.12-5+deb9u1ubuntu0.14.04.1~esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | sdl-image1.2 | <Â 1.2.12-5+deb9u1ubuntu0.16.04.1 | UNKNOWN |