VDB
CVE-2019-13626
CVE-2019-13626
PUBLISHED
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.
EPSS 1.21% · 79.3th percentile
Risk Scores
EPSS Score
1.21%
79.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:18.04:LTS | libsdl2 | 0, *, * |
| Ubuntu:16.04:LTS | libsdl2 | *, 0, 2.0.2+dfsg1-6ubuntu2 |
| Ubuntu:Pro:14.04:LTS | libsdl2 | 2.0.1+dfsg1-1ubuntu1, 2.0.1+dfsg1-1, 2.0.0+dfsg1-3 |
Timeline
- Jul 17, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-13626 third-party-advisory
- https://bugzilla.libsdl.org/show_bug.cgi?id=4522 third-party-advisory
- https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-13626 third-party-advisory