Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 766204 (CVE-2020-14409, CVE-2020-14410)

Summary: <media-libs/libsdl2-2.0.14-r1: Multiple vulnerabilities
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: games
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [glsa+ cve]
Package list:
=media-libs/libsdl2-2.0.14-r1 amd64 arm arm64 ppc ppc64 sparc x86
Runtime testing required: ---
Bug Depends on: 774474    
Bug Blocks:    

Description Sam James archtester gentoo-dev Security 2021-01-19 21:38:33 UTC
* CVE-2020-14409

Description:
"SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file."

* CVE-2020-14410

Description:
"SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file."

Same links for both:
https://bugzilla.libsdl.org/show_bug.cgi?id=5200
https://hg.libsdl.org/SDL/rev/3f9b4e92c1d9
Comment 1 Sam James archtester gentoo-dev Security 2021-04-21 10:32:43 UTC
I suppose it’s time... chewi, any objections?
Comment 2 James Le Cuirot gentoo-dev 2021-04-21 10:43:10 UTC
Do it!
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2021-04-25 09:26:33 UTC
ppc stable

ppc64@ CC missing? added
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2021-04-25 09:29:09 UTC
sparc stable
Comment 5 ernsteiswuerfel archtester 2021-04-28 14:24:23 UTC
Looking good on ppc64.

rdep pygame fails tests (bug #753026).

 # cat libsdl2-766204.report 
USE tests started on Mi 28. Apr 01:23:11 CEST 2021

FEATURES=' test' USE='' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='-X -alsa cpu_flags_ppc_altivec -dbus -fcitx4 -gles2 -haptic -ibus -jack joystick kms libsamplerate nas -opengl -oss pulseaudio sound -static-libs threads -udev -video -wayland -xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='-X -alsa cpu_flags_ppc_altivec -dbus -fcitx4 -gles2 -haptic -ibus jack -joystick kms -libsamplerate -nas -opengl -oss pulseaudio sound -static-libs threads -udev video -wayland -xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='-X -alsa -cpu_flags_ppc_altivec -dbus -fcitx4 gles2 -haptic -ibus jack -joystick -kms libsamplerate nas -opengl -oss pulseaudio sound static-libs threads -udev video -wayland -xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X alsa -cpu_flags_ppc_altivec dbus -fcitx4 gles2 -haptic ibus -jack -joystick -kms libsamplerate -nas opengl -oss -pulseaudio sound -static-libs threads udev video wayland -xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X -alsa -cpu_flags_ppc_altivec dbus fcitx4 gles2 haptic -ibus -jack -joystick -kms -libsamplerate nas opengl -oss -pulseaudio sound -static-libs threads udev video wayland -xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X alsa cpu_flags_ppc_altivec dbus -fcitx4 -gles2 haptic ibus jack joystick kms libsamplerate nas -opengl oss pulseaudio sound -static-libs -threads udev -video -wayland xinerama -xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X -alsa cpu_flags_ppc_altivec -dbus -fcitx4 -gles2 haptic -ibus jack joystick -kms libsamplerate -nas -opengl oss pulseaudio sound -static-libs threads -udev -video -wayland -xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X alsa cpu_flags_ppc_altivec -dbus -fcitx4 -gles2 haptic -ibus jack joystick -kms libsamplerate -nas opengl -oss pulseaudio sound -static-libs -threads udev video -wayland -xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X -alsa cpu_flags_ppc_altivec dbus fcitx4 gles2 haptic -ibus -jack joystick kms libsamplerate nas opengl oss pulseaudio sound static-libs threads -udev video -wayland xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X -alsa -cpu_flags_ppc_altivec dbus -fcitx4 gles2 -haptic -ibus -jack joystick kms libsamplerate -nas opengl oss -pulseaudio sound -static-libs -threads udev video -wayland xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X alsa cpu_flags_ppc_altivec dbus -fcitx4 -gles2 haptic ibus -jack joystick kms -libsamplerate nas -opengl -oss pulseaudio sound static-libs threads udev video -wayland xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1
USE='X -alsa -cpu_flags_ppc_altivec dbus -fcitx4 gles2 -haptic ibus jack -joystick kms libsamplerate nas -opengl oss pulseaudio sound static-libs threads -udev video wayland xinerama xscreensaver' succeeded for =media-libs/libsdl2-2.0.14-r1

revdep tests started on Mi 28. Apr 15:36:32 CEST 2021

FEATURES=' test' USE='sdl' succeeded for media-libs/openal
FEATURES=' test' USE='sdl' succeeded for media-libs/libprojectm
FEATURES=' test' USE='sdl' succeeded for media-sound/fluidsynth
USE='-X' FEATURES=' test' failed for dev-python/pygame
FEATURES=' test' USE='gamepad sdl' succeeded for media-video/mpv
FEATURES=' test' USE='examples sdl sdl2' succeeded for dev-games/openscenegraph
FEATURES=' test' USE='-static sdl' succeeded for app-emulation/qemu
FEATURES=' test' USE='sdl' succeeded for x11-libs/tslib
FEATURES=' test' USE='examples' succeeded for media-libs/dumb
FEATURES=' test' USE='sdl' succeeded for x11-libs/wxGTK
Comment 6 Agostino Sarubbo gentoo-dev 2021-05-01 18:20:47 UTC
amd64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2021-05-06 09:20:05 UTC
ppc64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2021-05-10 06:59:34 UTC
x86 stable
Comment 9 Sam James archtester gentoo-dev Security 2021-05-15 02:41:28 UTC
arm done
Comment 10 Sam James archtester gentoo-dev Security 2021-05-15 19:17:36 UTC
arm64 done

all arches done
Comment 11 John Helmert III gentoo-dev Security 2021-05-16 03:26:25 UTC
Please cleanup, thanks!
Comment 12 John Helmert III gentoo-dev Security 2021-07-24 02:31:27 UTC
GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2021-07-24 03:07:56 UTC
This issue was resolved and addressed in
 GLSA 202107-55 at https://security.gentoo.org/glsa/202107-55
by GLSA coordinator John Helmert III (ajak).
Comment 14 Larry the Git Cow gentoo-dev 2021-07-25 01:36:30 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7123d5088482b6a414f9f3b7da7738360b6d853

commit b7123d5088482b6a414f9f3b7da7738360b6d853
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-07-25 00:39:37 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-07-25 01:35:08 +0000

    media-libs/libsdl2: drop vulnerable 2.0.12-r2
    
    Bug: https://bugs.gentoo.org/766204
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 media-libs/libsdl2/Manifest                        |   1 -
 .../files/libsdl2-2.0.12-egl-detection.patch       |  24 ---
 .../libsdl2/files/libsdl2-2.0.12-static-libs.patch |  48 -----
 .../files/libsdl2-2.0.12-vulkan-headers.patch      |  17 --
 media-libs/libsdl2/libsdl2-2.0.12-r2.ebuild        | 204 ---------------------
 media-libs/libsdl2/metadata.xml                    |   1 -
 6 files changed, 295 deletions(-)
Comment 15 John Helmert III gentoo-dev Security 2021-07-25 02:02:10 UTC
Thanks!