Bug#878264: libsdl2: CVE-2017-2888: Integer overflow while creating a new RGB surface
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 11 21:03:29 UTC 2017
Source: libsdl2
Version: 2.0.6+dfsg1-2
Severity: grave
Tags: patch security upstream
Hi,
the following vulnerability was published for libsdl2.
CVE-2017-2888[0]:
| An exploitable integer overflow vulnerability exists when creating a
| new RGB Surface in SDL 2.0.5. A specially crafted file can cause an
| integer overflow resulting in too little memory being allocated which
| can lead to a buffer overflow and potential code execution. An
| attacker can provide a specially crafted image file to trigger this
| vulnerability.
Upstream patch seem to be [1], but please note that this might not be
enough, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1500623#c2 .
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-2888
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2888
[1] http://hg.libsdl.org/SDL/rev/7e0f1498ddb5
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Pkg-sdl-maintainers
mailing list