Closed
Opened Apr 25, 2019 by Alicha CH (@alicha), Reporter

[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)

CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9
has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

References:

https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show_bug.cgi?id=4495

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618

CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a
heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620

CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has
a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610

CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has
a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

References:

https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show_bug.cgi?id=4493

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609

CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based
buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).

References:

https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show_bug.cgi?id=4490

Proposed patch: https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff

CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a
buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694

CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has
a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578

Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623

CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635

CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9
has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.

References:

https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show_bug.cgi?id=4499

CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has
a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

References:

https://security-tracker.debian.org/tracker/CVE-2019-7637

CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

References:

https://bugzilla.libsdl.org/show_bug.cgi?id=4500

(from redmine: issue id 10339, created on 2019-04-25)

  • Relations:
    • parent #10337 (closed)
Milestone: 3.9.5
Reference: alpine/aports#10339