Vulnerabilities > CVE-2022-4743 - Memory Leak vulnerability in multiple products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

libsdl

redhat

CWE-401

NVD

Published: 2023-01-12

Updated: 2023-05-03

Summary

A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.

Vulnerable Configurations

Part	Description	Count
Application	Libsdl Libsdl Simple Directmedia Layer 2.0.4 Libsdl Simple Directmedia Layer 2.0.5 Libsdl Simple Directmedia Layer 2.0.6 Libsdl Simple Directmedia Layer 2.0.7 Libsdl Simple Directmedia Layer 2.0.8 Libsdl Simple Directmedia Layer 2.0.9 Libsdl Simple Directmedia Layer 2.0.10 Libsdl Simple Directmedia Layer 2.0.12 Libsdl Simple Directmedia Layer 2.0.14 Libsdl Simple Directmedia Layer 2.0.16 Libsdl Simple Directmedia Layer 2.0.18 Libsdl Simple Directmedia Layer 2.0.20 Libsdl Simple Directmedia Layer 2.0.22 Libsdl Simple Directmedia Layer 2.23.1 Libsdl Simple Directmedia Layer 2.23.2 Libsdl Simple Directmedia Layer 2.24.0 Libsdl Simple Directmedia Layer 2.24.1 Libsdl Simple Directmedia Layer 2.24.2 Libsdl Simple Directmedia Layer 2.25.1	22
OS	Redhat Redhat Enterprise Linux 9.0	1

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References