PT-2018-1906 · Sdl+2 · Sdl-Image+3
Published: 2018-03-18 · Updated: 2024-04-08
CVE-2017-14450
CVSS v3.1: 7.1 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions
sdl-image versions prior to the fixed version
SDL2 image version 2.0.2
Description
The issue is related to memory handling errors in the image loading library, which can lead to denial of service or execution of arbitrary code. Exploitation of the issue may allow a remote attacker to cause denial of service or compromise data integrity using specially crafted image files. A buffer overflow vulnerability exists in the GIF image parsing functionality, where a specially crafted GIF image can lead to a buffer overflow on a global section.
Recommendations
For sdl-image versions prior to the fixed version, update to a version that includes the fix for the memory handling errors.
For SDL2 image version 2.0.2, avoid using the GIF image parsing functionality until a patch is available.
As a temporary workaround, consider restricting the image files the application loads to trusted sources, since exploitation relies on specially crafted image files.
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Sdl2 Image
Suse
Sdl-Image