1
Candidate: CVE-2017-14441
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14441
5
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0490
6
https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
8
An exploitable code execution vulnerability exists in the ICO image
9
rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image
10
can cause an integer overflow, cascading to a heap overflow resulting in
11
code execution. An attacker can display a specially crafted image to
12
trigger this vulnerability.
21
Patches_libsdl2-image:
22
upstream_libsdl2-image: released (2.0.3+dfsg1-1)
23
precise/esm_libsdl2-image: DNE
24
trusty_libsdl2-image: released (2.0.0+dfsg-3+deb8u1build0.14.04.1)
25
xenial_libsdl2-image: released (2.0.1+dfsg-2+deb9u1build0.16.04.1)
26
artful_libsdl2-image: needs-triage
27
bionic_libsdl2-image: not-affected (2.0.3+dfsg1-1)
28
devel_libsdl2-image: not-affected (2.0.3+dfsg1-1)
31
upstream_sdl-image1.2: released (1.2.12-8)
32
precise/esm_sdl-image1.2: DNE
33
trusty_sdl-image1.2: released (1.2.12-5+deb9u1build0.14.04.1)
34
xenial_sdl-image1.2: released (1.2.12-5+deb9u1build0.16.04.1)
35
artful_sdl-image1.2: needs-triage
36
bionic_sdl-image1.2: not-affected (1.2.12-8)
37
devel_sdl-image1.2: not-affected (1.2.12-8)