CyberSec.Space Logo
Back to CVE Browser

CVE-2019-7572

HIGH
8.8
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile16.59th
PublishedFeb 7, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

Affected Platforms (CPE)

πŸ“¦
Libsdl

Simple Directmedia Layer

<= 1.2.15
πŸ“¦
Libsdl

Simple Directmedia Layer

>= 2.0.0 and <= 2.0.9
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0
πŸ’»
Opensuse

Leap

= 15.0
πŸ’»
Opensuse

Leap

= 42.3
πŸ’»
Canonical

Ubuntu Linux

= 12.04
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 18.04
πŸ’»
Fedoraproject

Fedora

= 31

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.html
πŸ”— https://bugzilla.libsdl.org/show_bug.cgi?id=4495
πŸ”— https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720
πŸ”— https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html
πŸ”— https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html
πŸ”— https://lists.debian.org/debian-lts-announce/2019/10/msg00020.html

Related Vulnerabilities

CVE-2019-75748.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio...

CVE-2018-38398.8

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image...

CVE-2019-75738.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL...

CVE-2019-75758.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/S...