CVE-2019-7573

Priority
Description
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a
heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the
wNumCoef loop).
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 ESM (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan):needed
Patches:
Upstream:https://hg.libsdl.org/SDL/rev/388987dff7bf
Upstream:https://hg.libsdl.org/SDL/rev/fcbecae42795
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan):needed
Patches:
Upstream:https://hg.libsdl.org/SDL/rev/f9a9d6c76b21
More Information

Updated: 2019-08-23 07:59:49 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)