Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 45 results


CVE-2022-4743

Low priority
Vulnerable

A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above....

1 affected packages

libsdl2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl2 Not affected Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2022-34568

Low priority

Some fixes available 1 of 8

SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.

2 affected packages

libsdl1.2, libsdl2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl1.2 Not in release Vulnerable Vulnerable Vulnerable Fixed
libsdl2 Not affected Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2022-27470

Medium priority
Needs evaluation

SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.

1 affected packages

libsdl2-ttf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl2-ttf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-33657

Medium priority

Some fixes available 4 of 13

There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of...

2 affected packages

libsdl1.2, libsdl2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl1.2 Not in release Vulnerable Vulnerable Fixed Fixed
libsdl2 Not affected Not affected Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2020-14410

Medium priority

Some fixes available 2 of 3

SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.

2 affected packages

libsdl1.2, libsdl2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl1.2 Not in release Not affected Not affected Not affected Not affected
libsdl2 Not affected Not affected Fixed Fixed Not affected
Show less packages

CVE-2020-14409

Medium priority

Some fixes available 2 of 3

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

2 affected packages

libsdl1.2, libsdl2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl1.2 Not in release Not affected Not affected Not affected Not affected
libsdl2 Not affected Not affected Fixed Fixed Not affected
Show less packages

CVE-2019-13616

Low priority

Some fixes available 6 of 17

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

4 affected packages

libsdl1.2, libsdl2, libsdl2-image, sdl-image1.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl1.2 Not in release Not affected Not affected Fixed Fixed
libsdl2 Not affected Not affected Not affected Vulnerable Vulnerable
libsdl2-image Not affected Not affected Not affected Vulnerable Vulnerable
sdl-image1.2 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-5060

Medium priority

Some fixes available 11 of 15

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer....

1 affected packages

libsdl2-image

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl2-image Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages

CVE-2019-5059

Medium priority

Some fixes available 11 of 15

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then...

1 affected packages

libsdl2-image

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl2-image Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages

CVE-2019-5058

Medium priority

Some fixes available 11 of 15

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a...

1 affected packages

libsdl2-image

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsdl2-image Fixed Fixed Fixed Vulnerable Vulnerable
Show less packages