Slouken

**Name of the Vulnerable Software and Affected Versions** SDL (Simple DirectMedia Layer) versions 2.0.12 and earlier **Description** The issue is related to an integer overflow in the SDL BlitCopy function in the video/SDL blit copy.c component of the Simple DirectMedia Layer library. This can lead to SDL memcpy heap corruption when processing a crafted .BMP file. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For SDL (Simple DirectMedia Layer) versions 2.0.12 and earlier, consider updating to a version later than 2.0.12 to resolve the issue. As a temporary workaround, consider restricting the use of the SDL BlitCopy function in the video/SDL blit copy.c component until a patch is available. Avoid using crafted .BMP files to minimize the risk of exploitation.