Hugo Lefeuvre

**Nome do software vulnerável e versões afetadas** Versões do Sudo 1.8.0 a 1.9.12 **Descrição** O problema está relacionado a um erro de ultrapassagem de limites de matriz no arquivo plugins/sudoers/auth/passwd.c do programa Sudo ao usar o backend de senha crypt(). Esse erro pode resultar em uma leitura excessiva do buffer baseada em heap, permitindo potencialmente que um invasor cause uma negação de serviço. O impacto pode variar dependendo das bibliotecas do sistema, do compilador e da arquitetura do processador. A vulnerabilidade pode ser acionada por usuários locais arbitrários com acesso ao Sudo ao digitarem uma senha de sete caracteres ou menos. **Recomendações** Para as versões do Sudo 1.8.0 a 1.9.12, considere desativar o backend de senha crypt() como uma solução temporária até que um patch esteja disponível. Restrinja o acesso ao arquivo plugins/sudoers/auth/passwd.c para minimizar o risco de exploração. Evite usar senhas de sete caracteres ou menos nas versões afetadas do Sudo até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-54 **Description** The issue is related to a heap-based buffer overflow in the ReadPSInfo function located in coders/ps.c. **Recommendations** For versions prior to 7.0.8-54, update to version 7.0.8-54 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Simple DirectMedia Layer (SDL) version 2.0.9 SDL2 image version 2.0.4 **Description** An issue was discovered in libSDL2.a when used with libSDL2 image.a. There is an out-of-bounds read in the `SDL FreePalette REAL` function at video/SDL pixels.c. **Recommendations** For Simple DirectMedia Layer (SDL) version 2.0.9, consider updating to a newer version to resolve the issue. For SDL2 image version 2.0.4, consider updating to a newer version to resolve the issue. As a temporary workaround, consider restricting the use of the `SDL FreePalette REAL` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Simple DirectMedia Layer (SDL) version 2.0.9 SDL2 image version 2.0.4 **Description** An issue was discovered in libSDL2.a when used with libSDL2 image.a. There is a NULL pointer dereference in the `stdio read` function in the file SDL rwops.c. **Recommendations** For Simple DirectMedia Layer (SDL) version 2.0.9, consider updating to a newer version to resolve the issue. For SDL2 image version 2.0.4, consider updating to a newer version to resolve the issue. As a temporary workaround, consider restricting the use of the `stdio read` function in SDL rwops.c until a patch is available.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue occurs when reading a tiff file, which is handled by the Load function of the PluginTIFF.cpp file. A memcpy operation happens where the destination address and the size of the copied data are not considered, resulting in a heap overflow. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For FreeImage version 3.18.0, consider disabling the Load function of the PluginTIFF.cpp file as a temporary workaround until a patch is available. Restrict access to the PluginTIFF.cpp file to minimize the risk of exploitation. Avoid using the affected function to handle tiff files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Simple DirectMedia Layer (SDL) version 2.0.9 **Description** An issue was discovered in the Simple DirectMedia Layer (SDL) where there is an out-of-bounds read in the function `SDL InvalidateMap()` at `video/SDL pixels.c`. **Recommendations** For version 2.0.9, consider applying a patch or fix to address the out-of-bounds read issue in the `SDL InvalidateMap()` function. As a temporary workaround, consider restricting access to the `SDL InvalidateMap()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Simple DirectMedia Layer (SDL) version 2.0.9 SDL2 image version 2.0.4 **Description** An issue was discovered in libSDL2.a when used with libSDL2 image.a. There is an invalid free error in the `SDL SetError REAL` function at SDL error.c. **Recommendations** For Simple DirectMedia Layer (SDL) version 2.0.9, consider updating to a newer version to resolve the issue. For SDL2 image version 2.0.4, consider updating to a newer version to resolve the issue. As a temporary workaround, consider restricting the use of the `SDL SetError REAL` function until a patch is available.