CVE-2019-12219 — Double Free in Sdl2 Image

CWE-415 — Double Free13 documents8 sources

Severity

8.8HIGHNVD

EPSS

0.6%

top 29.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libsdl Sdl2 Image Libsdl Simple Directmedia Layer

Timeline

PublishedMay 20

Latest updateMay 24

Description

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDlibsdl/simple_directmedia_layer2.0.9

▶NVDlibsdl/sdl2_image2.0.4

🔴Vulnerability Details

GHSA

GHSA-rh22-q4j2-m68r: An issue was discovered in libSDL2↗2022-05-24

▶

OSV

CVE-2019-12219: An issue was discovered in libSDL2↗2019-05-20

▶

CVEList

CVE-2019-12219: An issue was discovered in libSDL2↗2019-05-20

▶

📋Vendor Advisories

Ubuntu

SDL_image vulnerabilities↗2020-01-14

▶

Red Hat

SDL: invalid free error in function SDL_SetError_REAL↗2019-05-20

▶

Debian

CVE-2019-12219: libsdl2-image - An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 whe...↗2019

▶

💬Community

Bugzilla

CVE-2019-12219 mingw-SDL2: SDL: invalid free error in function SDL_SetError_REAL [fedora-all]↗2019-09-16

▶

Bugzilla

CVE-2019-12219 mingw-SDL2: SDL: invalid free error in function SDL_SetError_REAL [epel-7]↗2019-09-16

▶

Bugzilla

CVE-2019-12219 SDL2: SDL: invalid free error in function SDL_SetError_REAL [epel-7]↗2019-09-16

▶

Bugzilla

CVE-2019-12219 SDL2: SDL: invalid free error in function SDL_SetError_REAL [fedora-all]↗2019-09-16

▶

Bugzilla

CVE-2019-12219 SDL: invalid free error in function SDL_SetError_REAL↗2019-07-23

▶