Red Hat Sdl vulnerabilities

CVE-2019-14906 [HIGH] CWE-787 CVE-2019-14906: A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a

CVE-2019-5057 [HIGH] CWE-122 CVE-2019-5057: An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2 An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2019-5058 [HIGH] CWE-122 CVE-2019-5058: An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2 An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2019-5059 [HIGH] CWE-190 CVE-2019-5059: An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2 An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a s

CVE-2019-5060 [HIGH] CWE-190 CVE-2019-5060: An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2 An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacke

CVE-2019-13616 [HIGH] CWE-125 CVE-2019-13616: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-rea SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.