SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. CREATE(Triage):(User=admin) [CVE-2020-14409|https://nvd.nist.gov/vuln/detail/CVE-2020-14409]