CVE-2019-7576

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt