CVE-2019-12217NULL Pointer Dereference in Sdl2 Image

CWE-476NULL Pointer Dereference13 documents8 sources
Severity
6.5MEDIUMNVD
EPSS
0.9%
top 24.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Libsdl Sdl2 ImageLibsdl Simple Directmedia Layer
Timeline
PublishedMay 20
Latest updateMay 24

Description

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

3
GHSA
GHSA-6g3h-xc5w-jq88: An issue was discovered in libSDL22022-05-24
OSV
CVE-2019-12217: An issue was discovered in libSDL22019-05-20
CVEList
CVE-2019-12217: An issue was discovered in libSDL22019-05-20

📋Vendor Advisories

3
Ubuntu
SDL_image vulnerabilities2020-01-14
Red Hat
SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c2019-05-20
Debian
CVE-2019-12217: libsdl2-image - An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 whe...2019

💬Community

6
Bugzilla
CVE-2019-12217 SDL2: SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [epel-7]2019-09-16
Bugzilla
CVE-2019-12217 mingw-SDL2: SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [fedora-all]2019-09-16
Bugzilla
CVE-2019-12217 mingw-SDL2: SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [epel-7]2019-09-16
Bugzilla
CVE-2019-12217 SDL2: SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [fedora-all]2019-09-16
Bugzilla
CVE-2019-12217 SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c2019-07-23
CVE-2019-12217 — NULL Pointer Dereference in Sdl2 Image | cvebase