There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution.
[ { "signature_type": "Function", "target": { "function": "Map1to1", "file": "src/video/SDL_pixels.c" }, "deprecated": false, "digest": { "function_hash": "135559890956021690986487977211098728481", "length": 673.0 }, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_version": "v1", "id": "CVE-2021-33657-493fc812" }, { "signature_type": "Function", "target": { "function": "Map1toN", "file": "src/video/SDL_pixels.c" }, "deprecated": false, "digest": { "function_hash": "120029847142050598506380381411279339480", "length": 860.0 }, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_version": "v1", "id": "CVE-2021-33657-52cbc3ff" }, { "signature_type": "Line", "target": { "file": "src/video/SDL_pixels.c" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "237541296599115013407641409675079124889", "272085526378248488061226745576933115711", "235132022122211645155266490537828432366", "103230726993537480189666107780129338690", "159352565534071501880625154615757691494", "63061321940708442293120198552799010986", "43469035986305709707052829820256164457", "101640187021522532256005357573848813681" ] }, "source": "https://github.com/libsdl-org/sdl/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9", "signature_version": "v1", "id": "CVE-2021-33657-795aa1c9" } ]