{"id":"USN-4156-1","summary":"libsdl1.2 vulnerabilities","details":"It was discovered that SDL incorrectly handled certain images. If a user\nwere tricked into opening a crafted image file, a remote attacker could\nuse this issue to cause SDL to crash, resulting in a denial of service, or\npossibly execute arbitrary code.\n","modified":"2026-02-10T04:41:39Z","published":"2019-10-15T18:27:06Z","related":["UBUNTU-CVE-2019-13616","UBUNTU-CVE-2019-7572","UBUNTU-CVE-2019-7573","UBUNTU-CVE-2019-7574","UBUNTU-CVE-2019-7575","UBUNTU-CVE-2019-7576","UBUNTU-CVE-2019-7577","UBUNTU-CVE-2019-7578","UBUNTU-CVE-2019-7635","UBUNTU-CVE-2019-7636","UBUNTU-CVE-2019-7637","UBUNTU-CVE-2019-7638"],"upstream":["CVE-2019-13616","CVE-2019-7572","CVE-2019-7573","CVE-2019-7574","CVE-2019-7575","CVE-2019-7576","CVE-2019-7577","CVE-2019-7578","CVE-2019-7635","CVE-2019-7636","CVE-2019-7637","CVE-2019-7638","UBUNTU-CVE-2019-13616","UBUNTU-CVE-2019-7572","UBUNTU-CVE-2019-7573","UBUNTU-CVE-2019-7574","UBUNTU-CVE-2019-7575","UBUNTU-CVE-2019-7576","UBUNTU-CVE-2019-7577","UBUNTU-CVE-2019-7578","UBUNTU-CVE-2019-7635","UBUNTU-CVE-2019-7636","UBUNTU-CVE-2019-7637","UBUNTU-CVE-2019-7638"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4156-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7572"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7573"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7574"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7575"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7576"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7577"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7578"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7635"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7636"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7637"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7638"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13616"}],"affected":[{"package":{"name":"libsdl1.2","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libsdl1.2@1.2.15+dfsg1-3ubuntu0.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.15+dfsg1-3ubuntu0.1"}]}],"versions":["1.2.15-11ubuntu1","1.2.15-12ubuntu1","1.2.15+dfsg1-3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.2.15+dfsg1-3ubuntu0.1","binary_name":"libsdl1.2-dev"},{"binary_version":"1.2.15+dfsg1-3ubuntu0.1","binary_name":"libsdl1.2debian"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2019-7572","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7573","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7574","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7575","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7576","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7577","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7578","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7636","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7637","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7638","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-13616","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4156-1.json"}},{"package":{"name":"libsdl1.2","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libsdl1.2@1.2.15+dfsg2-0.1ubuntu0.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.15+dfsg2-0.1ubuntu0.1"}]}],"versions":["1.2.15+dfsg2-0.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.2.15+dfsg2-0.1ubuntu0.1","binary_name":"libsdl1.2-dev"},{"binary_version":"1.2.15+dfsg2-0.1ubuntu0.1","binary_name":"libsdl1.2debian"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2019-7572","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7573","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7574","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7575","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7576","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7577","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7578","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2019-7635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7636","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7637","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-7638","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2019-13616","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4156-1.json"}}],"schema_version":"1.7.3"}