OpenSUSE Linux update for SDL2



Published: 2019-10-01 | Updated: 2023-03-07
Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-13616
CVE-2019-13626
CWE-ID CWE-125
CWE-190
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe 		Opensuse
Operating systems & Components / Operating system

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU19259

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-13616

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the "BlitNtoN" function in the "video/SDL_blit_N.c" file when called from the "SDL_SoftBlit" function in the "video/SDL_blit.c" file. A remote attacker can trick a victim to open a specially crafted file and perform a denial of service attack.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 15.1

External links

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00093.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Integer overflow

EUVDB-ID: #VU19285

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-13626

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack on a targeted system.

The vulnerability exists due to an integer overflow in the "IMA_ADPCM_decode()" function in the "audio/SDL_wave.c" file. A remote attacker can trick a victim to open a specially crafted file, trigger a heap-based buffer over-read condition in the "Fill_IMA_ADPCM_block" function and perform a DoS attack.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 15.1

External links

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00093.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###