What is CVE-2022-4743?

CVE-2022-4743 is a high-severity vulnerability in Libsdl Simple_directmedia_layer, classified under Missing Release of Memory after Effective Lifetime. CVSS score: 7.5/10. Published 2023-01-12.

How severe is CVE-2022-4743?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Libsdl Simple_directmedia_layer

CVE-2022-4743

A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x…

EPSS: 0.013 (66.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Libsdl Simple_directmedia_layer
Redhat Enterprise_linux — versions 9.0
N/a Sdl2 — versions Affects SDL2 v2.0.4 and above, Fixed-in sdl-2.26.0, sdl-prerelease-2.25.1

Weakness classification (CWE)

CWE-401 — Missing Release of Memory after Effective Lifetime

References

secalert@redhat.com (Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (Third Party Advisory)
secalert@redhat.com (Patch, Third Party Advisory)
secalert@redhat.com (Patch, Third Party Advisory)
secalert@redhat.com (mailing-list)
secalert@redhat.com (vendor-advisory)
af854a3a-2127-422b-91ae-364da2661108

Frequently asked questions

What is CVE-2022-4743?: CVE-2022-4743 is a high-severity vulnerability in Libsdl Simple_directmedia_layer, classified under Missing Release of Memory after Effective Lifetime. CVSS score: 7.5/10. Published 2023-01-12.
How severe is CVE-2022-4743?: High severity. CVSS v3 base score is 7.5 out of 10.