CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-7573

HIGH
8.8
CVSS Severity Score
EPSS Score0.0510%
EPSS Percentile34.39th
Published2019年2月7日
Last Modified2024年11月21日

Vulnerability Description

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).

Affected Platforms (CPE)

📦
Libsdl

Simple Directmedia Layer

<= 1.2.15
📦
Libsdl

Simple Directmedia Layer

>= 2.0.0 and <= 2.0.9
💻
Debian

Debian Linux

= 8.0
💻
Debian

Debian Linux

= 9.0
💻
Opensuse

Leap

= 15.0
💻
Opensuse

Leap

= 42.3
💻
Fedoraproject

Fedora

= 31
💻
Canonical

Ubuntu Linux

= 12.04
💻
Canonical

Ubuntu Linux

= 14.04
💻
Canonical

Ubuntu Linux

= 16.04
💻
Canonical

Ubuntu Linux

= 18.04

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.html
🔗 https://bugzilla.libsdl.org/show_bug.cgi?id=4491
🔗 https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720
🔗 https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html
🔗 https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html
🔗 https://lists.debian.org/debian-lts-announce/2019/10/msg00020.html

相關漏洞威脅

CVE-2019-75748.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio...

CVE-2018-38398.8

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image...

CVE-2019-75728.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c...

CVE-2019-75758.8

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/S...