QwikSec

Security Database

CVE

CWE

Training

CVE-2021-33657

Published: Apr 1, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution.

Vendor	Product	Versions
n/a	SDL2	affected `2.x to 2.0.18`

References

https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9

[debian-lts-announce] 20230208 [SECURITY] [DLA 3314-1] libsdl2 security update

mailing-list

vendor-advisory

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.