#VU8789 Stack-based buffer overflow in Simple DirectMedia Layer - CVE-2017-2887


| Updated: 2017-10-11

Vulnerability identifier: #VU8789

Vulnerability risk: High

CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2017-2887

CWE-ID: CWE-121

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Simple DirectMedia Layer
Client/Desktop applications / Multimedia software

Vendor: zlib license

Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the XCF property handling function of Simple DirectMedia Layer SDL_image due to stack-based buffer overflow. A remote attacker can send a specially crafted xcf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Update to version 2.0.6.

Vulnerable software versions

Simple DirectMedia Layer: 2.0.1

External links
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0394

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Fedora EPEL 7 update for mingw-SDL2, mingw-SDL2_image, mingw-SDL2_mixer
Fedora 29 update for mingw-SDL2_image
Fedora 28 update for mingw-SDL2_image
Fedora EPEL 7 update for SDL2_image
Fedora 29 update for SDL2_image
Fedora 28 update for SDL2_image
Stack-based buffer overflow in sdl2_image (Alpine package)
Fedora EPEL 7 update for SDL2, SDL2_gfx, SDL2_image, SDL2_mixer
Debian update for sdl-image1.2
Debian update for libsdl2-image