CVE-2017-14450

Published: 24 April 2018

A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

Priority

CVSS 3 base score: 7.1

Status

Package	Release	Status
libsdl2-image Launchpad, Ubuntu, Debian	artful	Ignored (reached end-of-life)
	bionic	Not vulnerable (2.0.3+dfsg1-1)
	precise	Does not exist
	trusty	Does not exist (trusty was released [2.0.0+dfsg-3+deb8u1build0.14.04.1])
	upstream	Released (2.0.3+dfsg1-1)
	xenial	Released (2.0.1+dfsg-2+deb9u1build0.16.04.1)
sdl-image1.2 Launchpad, Ubuntu, Debian	artful	Ignored (reached end-of-life)
	bionic	Not vulnerable (1.2.12-8)
	precise	Does not exist
	trusty	Released (1.2.12-5+deb9u1build0.14.04.1)
	upstream	Released (1.2.12-8)
	xenial	Released (1.2.12-5+deb9u1build0.16.04.1)

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2017-14450

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading