AVG-1480 log
Package | sdl2 |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 2.0.12-3 |
Fixed | 2.0.14-1 |
Current | 2.30.9-1 [extra] |
Ticket | None |
Created | Tue Jan 19 20:52:03 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2020-14410 | Low | No | Denial of service | SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file. |
CVE-2020-14409 | Medium | No | Arbitrary code execution | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c... |