There is a heap overflow in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) versions 2.x to 2.0.18. By crafting a malicious .BMP file, an attacker can cause an application using this library to crash, resulting in denial of service, or can achieve code execution.
[ { "deprecated": false, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_type": "Function", "target": { "file": "src/video/SDL_pixels.c", "function": "Map1to1" }, "id": "CVE-2021-33657-493fc812", "digest": { "length": 673.0, "function_hash": "135559890956021690986487977211098728481" }, "signature_version": "v1" }, { "deprecated": false, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_type": "Function", "target": { "file": "src/video/SDL_pixels.c", "function": "Map1toN" }, "id": "CVE-2021-33657-52cbc3ff", "digest": { "length": 860.0, "function_hash": "120029847142050598506380381411279339480" }, "signature_version": "v1" }, { "deprecated": false, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_type": "Line", "target": { "file": "src/video/SDL_pixels.c" }, "id": "CVE-2021-33657-795aa1c9", "digest": { "line_hashes": [ "237541296599115013407641409675079124889", "272085526378248488061226745576933115711", "235132022122211645155266490537828432366", "103230726993537480189666107780129338690", "159352565534071501880625154615757691494", "63061321940708442293120198552799010986", "43469035986305709707052829820256164457", "101640187021522532256005357573848813681" ], "threshold": 0.9 }, "signature_version": "v1" } ]