Platform: c
Component: sdl_image
Fixed in: 996.0.1
CVE-2026-35444 describes a buffer overflow (an out-of-bounds read) in SDL_image, a library used for loading images in various formats. The flaw arises from improper validation of pixel index values against the colormap when processing XCF image files, and results in information disclosure rather than memory corruption. Versions of SDL_image prior to 2.0.6 are affected, and a fix has been released.
An attacker exploits this by supplying a specially crafted .xcf file to an application that loads it with SDL_image. The out-of-bounds read can expose up to 762 bytes of heap memory adjacent to the colormap, which may contain sensitive data such as cryptographic keys, session tokens, or other application-specific state. That data could then be used to compromise the application or the underlying system. The impact is greatest in applications that decode untrusted image input, such as image viewers, game engines, or media processing tools. Direct remote code execution is unlikely, but as with other information-disclosure bugs in image parsers, the leaked bytes can feed further attacks (for example, defeating ASLR or recovering secrets held in the heap).
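The pattern behind the bug, shown as an added example rather than SDL_image's own code: an indexed layer stores one palette index per pixel, and the decoder expands each index into an RGB triplet from the colormap. If the index is trusted, an index past the end of the colormap reads whatever the allocator placed after it. The "heap" here is a constructed array holding a 4-entry colormap followed by bytes standing in for a neighbouring allocation, so the over-read stays inside the array and the demo itself is well defined; the function names and the crafted pixel values are illustrative assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the process heap: a 4-entry RGB colormap
 * immediately followed by bytes that belong to another allocation.
 * Keeping both in one array makes the over-read visible without
 * invoking undefined behaviour in this demo. */
#define NCOLORS 4
#define SECRET_LEN 12
static const unsigned char heap[NCOLORS * 3 + SECRET_LEN] = {
    255, 0, 0,   0, 255, 0,   0, 0, 255,   255, 255, 255,       /* colormap  */
    'S', 'E', 'C', 'R', 'E', 'T', '-', 'T', 'O', 'K', 'E', 'N'  /* neighbour */
};

/* Vulnerable pattern (illustrative): the palette index read from the file
 * is used directly, so any index >= ncolors reads past the colormap. */
static int expand_indexed_unsafe(const unsigned char *cmap, int ncolors,
                                 const unsigned char *idx, size_t npix,
                                 uint32_t *out)
{
    (void)ncolors;                        /* never consulted: the bug */
    for (size_t i = 0; i < npix; i++) {
        const unsigned char *c = cmap + (size_t)idx[i] * 3;
        out[i] = ((uint32_t)c[0] << 16) | ((uint32_t)c[1] << 8) | c[2];
    }
    return 0;
}

/* Hardened pattern: refuse the layer as soon as an index falls outside the
 * colormap. Clamping to ncolors-1 would also stop the read, but rejecting
 * keeps a malformed file from being rendered at all. */
static int expand_indexed_safe(const unsigned char *cmap, int ncolors,
                               const unsigned char *idx, size_t npix,
                               uint32_t *out)
{
    if (ncolors <= 0) return -1;
    for (size_t i = 0; i < npix; i++) {
        if (idx[i] >= (unsigned)ncolors) return -1;   /* out of range */
        const unsigned char *c = cmap + (size_t)idx[i] * 3;
        out[i] = ((uint32_t)c[0] << 16) | ((uint32_t)c[1] << 8) | c[2];
    }
    return 0;
}

/* Constructed pixel data: index 4 is one past the last valid entry. */
static const unsigned char crafted_pixels[3] = { 0, 4, 5 };
static const unsigned char valid_pixels[4]   = { 0, 1, 2, 3 };

/* First pixel the unsafe path produces for crafted index 4: three bytes of
 * the neighbouring allocation packed as a colour. */
uint32_t leaked_pixel_unsafe(void)
{
    uint32_t out[1];
    expand_indexed_unsafe(heap, NCOLORS, crafted_pixels + 1, 1, out);
    return out[0];
}

/* Hardened path's verdict on the crafted data (-1 = rejected). */
int verdict_safe_crafted(void)
{
    uint32_t out[3];
    return expand_indexed_safe(heap, NCOLORS, crafted_pixels, 3, out);
}

/* Hardened path on well-formed data: 0 when accepted and decoded correctly. */
int verdict_safe_valid(void)
{
    uint32_t out[4];
    if (expand_indexed_safe(heap, NCOLORS, valid_pixels, 4, out) != 0) return -1;
    return out[3] == 0xFFFFFFu ? 0 : -2;
}

int main(void)
{
    uint32_t p = leaked_pixel_unsafe();
    printf("unsafe: pixel 0x%06x leaks '%c%c%c' from the neighbouring allocation\n",
           p, (p >> 16) & 0xFF, (p >> 8) & 0xFF, p & 0xFF);
    printf("safe:   crafted layer -> %d, valid layer -> %d\n",
           verdict_safe_crafted(), verdict_safe_valid());
    return 0;
}
```

Note that nothing crashes in the unsafe path: a short over-read into live heap rarely faults, which is why this class of bug is an information leak rather than a denial of service, and why a "did it crash" check is a poor way to confirm a fix.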
This CVE is currently not listed in the CISA KEV catalog. Public proof-of-concept exploits are not widely available, which suggests a low probability of immediate widespread exploitation. However, the vulnerability is easy to trigger (a single crafted file is enough) and warrants attention. The NVD entry was published on 2026-04-06.
Applications and systems that use SDL_image to load and display images are at risk, particularly those that decode user-uploaded or externally sourced XCF files. This includes game development environments, multimedia applications, and any software that relies on SDL_image for image rendering.
• linux / server: ps aux | grep sdl_image only matches processes whose command line contains that string. To find processes that have actually loaded the library, check the mapped shared objects (grep -ls SDL2_image /proc/[0-9]*/maps) and confirm the installed version with ldconfig -p | grep SDL2_image or your package manager.
• c / generic: Examine the SDL_image source (IMG_xcf.c) for the do_layer_surface() function and the validation of colormap indices against the number of colormap entries.
• generic web: Monitor web server access logs for uploads of XCF files, especially from untrusted sources. Note that SDL_image detects the format from file content, so a renamed .xcf reaches the same decoder; match on content or MIME sniffing, not only on the extension.
disclosure
Exploit status
EPSS: 0.01% (3rd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-35444 is to upgrade to SDL_image version 2.0.6 or later. If upgrading is not immediately feasible, add input validation that rejects XCF files before they reach the decoder, or avoid exposing the XCF decoder to untrusted input at all. Web applications using SDL_image should validate image uploads by content, since checking the file extension alone does not stop a renamed .xcf file. A WAF cannot prevent this out-of-bounds read directly, but it can be configured to block requests carrying XCF content based on the file signature, size, or other characteristics. After upgrading, confirm the fix by loading a known malicious XCF file in a sandboxed build compiled with AddressSanitizer: an out-of-bounds read of this size usually does not crash, so the absence of a crash in a normal build proves nothing, whereas ASan reports the over-read directly.
Upgrade to version 2.0.6 or later to mitigate the buffer overflow. The update corrects the validation of colormap indices and thereby prevents out-of-bounds memory access.
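One way to implement the content-based check recommended above, as an added example that is not part of SDL_image or of this advisory: identify the image container from its leading bytes and allow only the formats the application needs. The XCF signature is the "gimp xcf " magic string at the start of the file; the PNG, JPEG, and GIF signatures are the standard ones. The function names, the allowlist policy, and the sample buffers are constructed for the example.

```c
#include <stddef.h>
#include <string.h>

enum img_kind { IMG_UNKNOWN = 0, IMG_PNG, IMG_JPEG, IMG_GIF, IMG_XCF };

/* Identify the container from its leading bytes.
 *   PNG  89 50 4E 47 0D 0A 1A 0A
 *   JPEG FF D8 FF
 *   GIF  "GIF87a" / "GIF89a"
 *   XCF  "gimp xcf " (9 bytes, followed by the version string) */
enum img_kind sniff_image(const unsigned char *buf, size_t len)
{
    static const unsigned char png[8] = {0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};
    if (len >= 8 && memcmp(buf, png, 8) == 0)
        return IMG_PNG;
    if (len >= 3 && buf[0] == 0xFF && buf[1] == 0xD8 && buf[2] == 0xFF)
        return IMG_JPEG;
    if (len >= 6 && (memcmp(buf, "GIF87a", 6) == 0 || memcmp(buf, "GIF89a", 6) == 0))
        return IMG_GIF;
    if (len >= 9 && memcmp(buf, "gimp xcf ", 9) == 0)
        return IMG_XCF;
    return IMG_UNKNOWN;
}

/* Upload policy (assumed for the example): accept only the formats the
 * application actually renders, decided on content, never on the
 * client-supplied filename. Anything unrecognised or truncated is refused. */
int upload_allowed(const unsigned char *buf, size_t len)
{
    switch (sniff_image(buf, len)) {
    case IMG_PNG:
    case IMG_JPEG:
    case IMG_GIF:
        return 1;
    default:
        return 0;
    }
}

/* Constructed samples: a PNG header, an XCF file that a client uploaded as
 * "photo.png", and a buffer too short to carry any signature. */
static const unsigned char sample_png[] = {
    0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 13, 'I', 'H', 'D', 'R'
};
static const unsigned char sample_xcf_renamed[] = "gimp xcf file";
static const unsigned char sample_short[] = "gimp";

int demo_png_allowed(void)
{
    return upload_allowed(sample_png, sizeof sample_png);
}

int demo_renamed_xcf_kind(void)
{
    return (int)sniff_image(sample_xcf_renamed, sizeof sample_xcf_renamed - 1);
}

int demo_renamed_xcf_allowed(void)
{
    return upload_allowed(sample_xcf_renamed, sizeof sample_xcf_renamed - 1);
}

int demo_truncated_allowed(void)
{
    return upload_allowed(sample_short, sizeof sample_short - 1);
}
```

This check belongs in front of the decoder: SDL_image's IMG_Load picks the decoder from the content of the stream, so an extension allowlist on its own never keeps an XCF file away from the XCF parser. Where the application knows which format it expects, calling IMG_LoadTyped_RW with an explicit type is a further way to keep the XCF decoder out of the path for untrusted input.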
CVE-2026-35444 is a buffer overflow (out-of-bounds read) in SDL_image affecting builds up to and including commit 996bf12888925932daace576e09c3053410896f8. It allows an attacker to leak heap memory by supplying a crafted XCF image file.
You are affected if you use SDL_image at or before commit 996bf12888925932daace576e09c3053410896f8. Check your SDL_image version and upgrade if necessary.
Upgrade to SDL_image version 2.0.6 or later to resolve the vulnerability. If upgrading is not possible, add input validation that keeps XCF files away from the decoder.
As of now there are no known public exploits or active campaigns targeting CVE-2026-35444, but any application that decodes untrusted XCF input should still be patched.
Refer to the official SDL_image project website and its security advisories for updates and further information on CVE-2026-35444.