Search CVE reports
1 – 10 of 26 results
SDL_image is a library to load images of various formats as SDL surfaces. In do_layer_surface() in src/IMG_xcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against...
3 affected packages
libsdl2-image, libsdl3-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libsdl3-image | Needs evaluation | Not in release | Not in release | — | — |
| sdl-image1.2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 6 of 16
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
4 affected packages
sdl-image1.2, libsdl1.2, libsdl2, libsdl2-image
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
| libsdl1.2 | Not in release | Not in release | Not affected | Not affected | Fixed |
| libsdl2 | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 10
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer...
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 10
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a...
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 10
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |
Some fixes available 4 of 8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
2 affected packages
libsdl2-image, sdl-image1.2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libsdl2-image | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| sdl-image1.2 | Not affected | Not affected | Not affected | Not affected | Fixed |