PT-2019-12708 · Simple Directmedia Layer+3 · Sdl+3

Hugo Lefeuvre

Published

2019-05-20

Updated

2020-01-14

CVE-2019-12222

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Simple DirectMedia Layer (SDL) version 2.0.9

Description An issue was discovered in the Simple DirectMedia Layer (SDL) where there is an out-of-bounds read in the function SDL InvalidateMap() at video/SDL pixels.c.

Recommendations For version 2.0.9, consider applying a patch or fix to address the out-of-bounds read issue in the SDL InvalidateMap() function. As a temporary workaround, consider restricting access to the SDL InvalidateMap() function until a patch is available.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2019-2572

ALT-PU-2019-3262

CVE-2019-12222

DLA-1861-1

DLA-1865-1

MGASA-2019-0363

MGASA-2019-0364

OPENSUSE-SU-2019:2070-1

OPENSUSE-SU-2019:2108-1

OPENSUSE-SU-2019_2070-1

OPENSUSE-SU-2024:10608-1

USN-4238-1

Affected Products

Alt Linux

Sdl

Suse

Ubuntu

PT-2019-12708 · Simple Directmedia Layer+3 · Sdl+3

CVE-2019-12222

Weakness Enumeration

Related Identifiers

Affected Products

References · 152