Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image
This is an adaptation for Steemit of a Cisco Talos post. If you want to read it in HTML format, you can see it here.
Overview
Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low-level access to audio, keyboard, mouse, joystick and graphics hardware via OpenGL and Direct3D. It is used by video playback software, emulators, and popular games, including Valve's award-winning catalog and many Humble Bundle games. SDL officially supports Windows, Mac OS X, Linux, iOS, and Android. Support for other platforms may be found in the source code.
The SDL2_Image library is an optional component for SDL that deals specifically with parsing and displaying a variety of image file formats, creating a single, uniform API for image processing regardless of the type.
Simple DirectMedia Layer has released a new version of SDL2_image, 2.0.3, to address these issues, which can be downloaded here. Talos recommends installing this update as quickly as possible on affected systems.
Details
Discovered by Lilith Wyatt of Cisco Talos
TALOS-2017-0488/CVE-2017-12122 - Simple DirectMedia Layer SDL2_Image IMG_LoadLBM_RW Code Execution Vulnerability
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow, resulting in code execution. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0489/CVE-2017-14440 - Simple DirectMedia Layer SDL2_image ILBM CMAP Parsing Code Execution Vulnerability
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow, resulting in code execution. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0490/CVE-2017-14441 - Simple DirectMedia Layer SDL2_image ICO Pitch Handling Code Execution Vulnerability
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow, resulting in code execution. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0491/CVE-2017-14442 - Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability
An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow, resulting in code execution. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0497/CVE-2017-14448 - Simple DirectMedia Layer SDL2_image load_xcf_tile_rle Decompression Code Execution Vulnerability
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0498/CVE-2017-14449 - Simple DirectMedia Layer SDL2_image do_layer_surface Double-Free Vulnerability
An exploitable double-free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a double-free situation to occur. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
TALOS-2017-0499/CVE-2017-14450 - Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Overflow Vulnerability
An exploitable code execution vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker who convinces the user to view a specially crafted image could exploit this vulnerability.
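The ICO pitch-handling entry above (TALOS-2017-0490) describes an integer overflow that cascades into a heap overflow. The following added example is not SDL2_image code and does not come from the Talos advisory; it illustrates that bug class with the standard 4-byte-aligned bitmap row pitch, comparing a 32-bit size calculation that wraps with a checked one. The function names, the accepted bit depths and the `MAX_IMAGE_BYTES` limit are assumptions, and the header values are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed policy limit for one decoded image (not an SDL2_image constant). */
#define MAX_IMAGE_BYTES (256u * 1024u * 1024u)

/* Unchecked pattern: every step is 32-bit, so large header fields wrap. */
static uint32_t unchecked_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    uint32_t pitch = ((width * bpp + 31u) / 32u) * 4u; /* rows padded to 4 bytes */
    return pitch * height;
}

/* Checked pattern: validate fields, widen, and bound before multiplying.
 * Returns 0 and stores the byte count in *out, or -1 to reject the file. */
static int checked_size(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    if (width == 0 || height == 0)
        return -1;
    if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 24 && bpp != 32)
        return -1;
    uint64_t pitch = (((uint64_t)width * bpp + 31u) / 32u) * 4u;
    if (pitch > MAX_IMAGE_BYTES / height) /* pitch * height would exceed the cap */
        return -1;
    *out = (size_t)(pitch * height);
    return 0;
}

int main(void)
{
    /* Constructed header values, not taken from any real file. */
    const uint32_t cases[][3] = {
        {256u, 256u, 32u},      /* ordinary icon */
        {65537u, 65536u, 32u},  /* pitch * height wraps in 32 bits */
        {0x08000001u, 1u, 32u}, /* width * bpp wraps in 32 bits */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        size_t n = 0;
        int rc = checked_size(cases[i][0], cases[i][1], cases[i][2], &n);
        printf("%ux%u@%u unchecked=%u checked=%s\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1], (unsigned)cases[i][2],
               (unsigned)unchecked_size(cases[i][0], cases[i][1], cases[i][2]),
               rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

With the unchecked calculation, the second constructed case yields the same byte count as the ordinary 256x256 icon, so a buffer sized from it would be far smaller than the rows a decoder then writes.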
Coverage
The following Snort rules will detect exploitation attempts. Note that additional rules may be released at a future date, and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules:
45019-45022, 45025-45026, 45033-45034, 45047-45048
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
http://blog.talosintelligence.com/2018/03/vulnerability-spotlight-simple.html