Unrated severityNVD Advisory· Published Jul 16, 2019· Updated Aug 4, 2024
CVE-2019-13616
CVE-2019-13616
Description
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24- SDL/Simple DirectMedia Layerdescription
- Range: <=1.2.15
- osv-coords22 versionspkg:rpm/opensuse/SDL2&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/SDL2&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/SDL2&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/SDL2_image&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/SDL2_image&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/SDL&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/SDL&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/SDL&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/SDL_image&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/SDL_image&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/SDL2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/SDL2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/SDL2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1pkg:rpm/suse/SDL2_image&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/SDL2_image&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/SDL&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/SDL&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/SDL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/SDL&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/SDL&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/SDL_image&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/SDL_image&distro=SUSE%20Package%20Hub%2015%20SP1
< 2.0.8-lp150.2.9.1+ 21 more
- (no CPE)range: < 2.0.8-lp150.2.9.1
- (no CPE)range: < 2.0.8-lp151.4.6.1
- (no CPE)range: < 2.0.16-2.3
- (no CPE)range: < 2.0.5-lp151.2.5.1
- (no CPE)range: < 2.0.5-lp151.2.5.1
- (no CPE)range: < 1.2.15-lp151.4.3.1
- (no CPE)range: < 1.2.15-lp152.5.3.1
- (no CPE)range: < 1.2.15-1.1
- (no CPE)range: < 1.2.12+hg695-lp151.3.3.1
- (no CPE)range: < 1.2.12+hg695-lp151.3.3.1
- (no CPE)range: < 2.0.8-3.15.1
- (no CPE)range: < 2.0.8-3.15.1
- (no CPE)range: < 2.0.8-3.15.1
- (no CPE)range: < 2.0.5-bp151.4.3.1
- (no CPE)range: < 2.0.5-bp151.4.3.1
- (no CPE)range: < 1.2.15-3.12.73
- (no CPE)range: < 1.2.15-3.12.73
- (no CPE)range: < 1.2.15-15.14.2
- (no CPE)range: < 1.2.15-15.14.2
- (no CPE)range: < 1.2.15-15.14.2
- (no CPE)range: < 1.2.12+hg695-bp151.4.3.1
- (no CPE)range: < 1.2.12+hg695-bp151.4.3.1
Patches
Vulnerability mechanics
References
22- lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00093.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00094.htmlmitrevendor-advisory
- access.redhat.com/errata/RHSA-2019:3950mitrevendor-advisory
- access.redhat.com/errata/RHSA-2019:3951mitrevendor-advisory
- access.redhat.com/errata/RHSA-2020:0293mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6FDFPYUJ7YPY3XB5U75VJHBSVRVIKO/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEH5RO7XZA5DDCO2XOP4QHDEELQQTYV2/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UITVW4WTOOCECLLWPQCV7VWMU66DN255/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VDNX3RVXTWELBXQDNERNVVKDGKDF2MPB/mitrevendor-advisory
- security.gentoo.org/glsa/202305-17mitrevendor-advisory
- usn.ubuntu.com/4156-1/mitrevendor-advisory
- usn.ubuntu.com/4156-2/mitrevendor-advisory
- usn.ubuntu.com/4238-1/mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2021/01/msg00024.htmlmitremailing-list
- lists.debian.org/debian-lts-announce/2021/10/msg00032.htmlmitremailing-list
- lists.debian.org/debian-lts-announce/2023/02/msg00008.htmlmitremailing-list
- bugzilla.libsdl.org/show_bug.cgimitre
News mentions
0No linked articles in our index yet.