Vulnerability - CVE-2019-7637

›

›vulnerability›CVE-2019-7637

Name

CVE-2019-7637

Source

NVD ( link)Debian ( link)

Description

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

CWEs

Published Date

Feb 8, 2019

Updated Date

Jun 17, 2026

Workaround

-

Advisories

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00071.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00081.htmlMailing List

https://bugzilla.libsdl.org/show_bug.cgi?id=4497Exploit

https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720Vendor Advisory

https://lists.debian.org/debian-lts-announce/2019/03/msg00015.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/03/msg00016.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/10/msg00020.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/10/msg00021.htmlMailing List

https://lists.debian.org/debian-lts-announce/2021/10/msg00031.htmlMailing List

https://lists.debian.org/debian-lts-announce/2021/10/msg00032.htmlMailing List

https://usn.ubuntu.com/4143-1/Third Party Advisory

https://usn.ubuntu.com/4156-1/Third Party Advisory

https://usn.ubuntu.com/4156-2/Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00071.htmlMailing List

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00081.htmlMailing List

https://bugzilla.libsdl.org/show_bug.cgi?id=4497Exploit

https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720Vendor Advisory

https://lists.debian.org/debian-lts-announce/2019/03/msg00015.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/03/msg00016.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/10/msg00020.htmlMailing List

https://lists.debian.org/debian-lts-announce/2019/10/msg00021.htmlMailing List

https://lists.debian.org/debian-lts-announce/2021/10/msg00031.htmlMailing List

https://lists.debian.org/debian-lts-announce/2021/10/msg00032.htmlMailing List

https://usn.ubuntu.com/4143-1/Third Party Advisory

https://usn.ubuntu.com/4156-1/Third Party Advisory

https://usn.ubuntu.com/4156-2/Third Party Advisory

Analysis#

Affected Component

Analysis

Vulnerability Ratings#

8.8

CVSSv31

6.8

CVSSv2

Others affected components#

Name

Project

Project Version

Version

Status

buildroot

master

1.2.15

Exploitable

buildroot

master

2.32.10

Not Affected

yocto

kirkstone

2.0.20

Not Affected

yocto

master

2.32.10

Not Affected

yocto

scarthgap

2.30.1

Not Affected