CVE-2022-4743

Опубликовано: 12 янв. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.

Ссылки

https://access.redhat.com/security/cve/CVE-2022-4743
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2156290
Issue Tracking
Patch
Third Party Advisory
https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b
Patch
Third Party Advisory
https://github.com/libsdl-org/SDL/pull/6269
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html
https://security.gentoo.org/glsa/202305-18
https://access.redhat.com/security/cve/CVE-2022-4743
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2156290
Issue Tracking
Patch
Third Party Advisory
https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b
Patch
Third Party Advisory
https://github.com/libsdl-org/SDL/pull/6269
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html
https://security.gentoo.org/glsa/202305-18

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libsdl:simple_directmedia_layer:*:*:*:*:*:*:*:*

Версия от 2.0.4 (включая) до 2.26.0 (исключая)

Конфигурация 2

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

Дефекты

CWE-401

Связанные уязвимости

CVE-2022-4743

CVSS3: 7.5

ubuntu

больше 2 лет назад

CVE-2022-4743

CVSS3: 7.5

redhat

почти 3 года назад

CVE-2022-4743

CVSS3: 7.5

debian

больше 2 лет назад

A potential memory leak issue was discovered in SDL2 in GLES_CreateTex ...

SUSE-SU-2023:0069-1

suse-cvrf

больше 2 лет назад

Security update for SDL2

ROS-20230117-01

CVSS3: 6.5

redos

больше 2 лет назад

Уязвимость SDL2

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

Дефекты

CWE-401