Bug#878264: libsdl2: CVE-2017-2888: Integer overflow while creating a new RGB surface

Salvatore Bonaccorso carnil at debian.org
Wed Oct 11 21:03:29 UTC 2017


Source: libsdl2
Version: 2.0.6+dfsg1-2
Severity: grave
Tags: patch security upstream

Hi,

the following vulnerability was published for libsdl2.

CVE-2017-2888[0]:
| An exploitable integer overflow vulnerability exists when creating a
| new RGB Surface in SDL 2.0.5. A specially crafted file can cause an
| integer overflow resulting in too little memory being allocated which
| can lead to a buffer overflow and potential code execution. An
| attacker can provide a specially crafted image file to trigger this
| vulnerability.

Upstream patch seem to be [1], but please note that this might not be
enough, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1500623#c2 .

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-2888
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2888
[1] http://hg.libsdl.org/SDL/rev/7e0f1498ddb5

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



More information about the Pkg-sdl-maintainers mailing list