ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0332
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0332)
Resumen:	The remote host is missing an update for the 'SDL12' package(s) announced via the MGASA-2022-0332 advisory.
Descripción:	Summary: The remote host is missing an update for the 'SDL12' package(s) announced via the MGASA-2022-0332 advisory. Vulnerability Insight: There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution. (CVE-2021-33657) SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c. (CVE-2022-34568) Affected Software/OS: 'SDL12' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-33657 https://security.gentoo.org/glsa/202305-17 https://security.gentoo.org/glsa/202305-18 https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9 https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2022-34568 https://github.com/libsdl-org/SDL-1.2/issues/863
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.