CVE-2017-14450: Improper Restriction of Operations within the Bounds of a Memory Buffer in SDL Image

Severity: 7.1 HIGH (NVD)
EPSS: 0.9% (top 23.64%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 24; Latest update May 13

Description

A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Exploitability: 2.8 | Impact: 4.2

Affected Packages: 2 packages

Also affects: Debian Linux 7.0, 8.0, 9.0

🔴 Vulnerability Details (3)

GHSA: GHSA-f8q9-fqg7-g33x: A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2 (2022-05-13)
OSV: CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2 (2018-04-24)
CVEList: CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2 (2018-04-24)

📋 Vendor Advisories (1)

Debian: CVE-2017-14450: libsdl2-image - A buffer overflow vulnerability exists in the GIF image parsing functionality of... (2017)

💬 Community (3)

Bugzilla: CVE-2017-14450 SDL2_image: buffer overflow in the GIF image parsing [fedora-all] (2018-03-06)
Bugzilla: CVE-2017-14450 SDL2_image: buffer overflow in the GIF image parsing (2018-03-06)
Bugzilla: CVE-2017-14450 SDL2_image: buffer overflow in the GIF image parsing [epel-7] (2018-03-06)