{"id":"MGASA-2018-0454","summary":"Updated sdl2/mingw-SDL2 packages fix security vulnerabilities","details":"This update fixes various security vulnerabilities affecting the\nSDL2_image library, listed below. The fixes are provided in SDL2_image\n2.0.4, which depends on SDL2 2.0.8 or later. As such, the SDL2 and\nSDL2_mixer libraries are also updated to their current stable releases,\nproviding various bug fixes and features.\n\nThe security vulnerabilities fixed in this update are the following:\n\nAn exploitable code execution vulnerability exists in the ILBM image\nrendering functionality of SDL2_image-2.0.2. A specially crafted ILBM\nimage can cause a heap overflow resulting in code execution. An attacker\ncan display a specially crafted image to trigger this vulnerability.\n(TALOS-2017-0488, CVE-2017-12122)\n\nAn exploitable code execution vulnerability exists in the ILBM image\nrendering functionality of SDL2_image-2.0.2. A specially crafted ILBM\nimage can cause a stack overflow resulting in code execution. An\nattacker can display a specially crafted image to trigger this\nvulnerability. (TALOS-2017-0489, CVE-2017-14440)\n\nAn exploitable code execution vulnerability exists in the ICO image\nrendering functionality of SDL2_image-2.0.2. A specially crafted ICO\nimage can cause an integer overflow, cascading to a heap overflow\nresulting in code execution. An attacker can display a specially crafted\nimage to trigger this vulnerability. (TALOS-2017-0490, CVE-2017-14441)\n\nAn exploitable code execution vulnerability exists in the BMP image\nrendering functionality of SDL2_image-2.0.2. A specially crafted BMP\nimage can cause a stack overflow resulting in code execution. An\nattacker can display a specially crafted image to trigger this\nvulnerability. (TALOS-2017-0491, CVE-2017-14442)\n\nAn exploitable code execution vulnerability exists in the XCF image\nrendering functionality of SDL2_image-2.0.2. A specially crafted XCF\nimage can cause a heap overflow resulting in code execution. An\nattacker can display a specially crafted image to trigger this\nvulnerability. (TALOS-2017-0497, CVE-2017-14448)\n\nA double-Free vulnerability exists in the XCF image rendering\nfunctionality of SDL2_image-2.0.2. A specially crafted XCF image can\ncause a Double-Free situation to occur. An attacker can display a\nspecially crafted image to trigger this vulnerability.\n(TALOS-2017-0498, CVE-2017-14449)\n\nA buffer overflow vulnerability exists in the GIF image parsing\nfunctionality of SDL2_image-2.0.2. A specially crafted GIF image can\nlead to a buffer overflow on a global section. An attacker can display\nan image to trigger this vulnerability. (TALOS-2017-0499,\nCVE-2017-14450)\n\nAn exploitable information disclosure vulnerability exists in the PCX\nimage rendering functionality of SDL2_image-2.0.2. A specially crafted\nPCX image can cause an out-of-bounds read on the heap, resulting in\ninformation disclosure. An attacker can display a specially crafted\nimage to trigger this vulnerability. (TALOS-2018-0519, CVE-2018-3837)\n\nAn exploitable information vulnerability exists in the XCF image\nrendering functionality of SDL2_image-2.0.2. A specially crafted XCF\nimage can cause an out-of-bounds read on the heap, resulting in\ninformation disclosure. An attacker can display a specially crafted\nimage to trigger this vulnerability. (TALOS-2018-0520, CVE-2018-3838)\n\nAn exploitable code execution vulnerability exists in the XCF image\nrendering functionality of SDL2_image-2.0.2. A specially crafted XCF\nimage can cause an out-of-bounds write on the heap, resulting in code\nexecution. An attacker can display a specially crafted image to trigger\nthis vulnerability. (TALOS-2018-0521, CVE-2018-3839)\n\nAn exploitable code execution vulnerability exists in the XCF image\nrendering functionality of SDL2_image-2.0.3. A specially crafted XCF\nimage can cause a heap overflow, resulting in code execution. An\nattacker can display a specially crafted image to trigger this\nvulnerability. (TALOS-2018-0645, CVE-2018-3977)\n","modified":"2026-04-16T01:45:14.031100638Z","published":"2018-11-17T22:23:26Z","upstream":["CVE-2017-12122","CVE-2017-14440","CVE-2017-14441","CVE-2017-14442","CVE-2017-14448","CVE-2017-14449","CVE-2017-14450","CVE-2018-3837","CVE-2018-3838","CVE-2018-3839","CVE-2018-3977"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0454.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22769"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0488"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0489"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0490"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0491"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0497"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0498"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2017-0499"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0519"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0520"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0521"},{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645"},{"type":"WEB","url":"https://hg.libsdl.org/SDL/file/8feb5da6f2fb/WhatsNew.txt"},{"type":"WEB","url":"https://www.libsdl.org/projects/SDL_image/"},{"type":"WEB","url":"https://www.libsdl.org/projects/SDL_mixer/"}],"affected":[{"package":{"name":"sdl2","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/sdl2?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.9-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}},{"package":{"name":"sdl2_image","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/sdl2_image?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}},{"package":{"name":"sdl2_mixer","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/sdl2_mixer?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}},{"package":{"name":"mingw-SDL2","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mingw-SDL2?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.9-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}},{"package":{"name":"mingw-SDL2_image","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mingw-SDL2_image?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}},{"package":{"name":"mingw-SDL2_mixer","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mingw-SDL2_mixer?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.4-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0454.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}