Lucene search

[email protected]CVE-2022-34568

HistoryJul 28, 2022 - 10:15 p.m.

CVE-2022-34568

2022-07-2822:15:00

CWE-416

[email protected]

web.nvd.nist.gov

nvd

cve-2022-34568

sdl v1.2

use-after-free

xfree function

security vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

34.1%

JSON

SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c.

CPENameOperatorVersion
libsdl:simple_directmedia_layerlibsdl simple directmedia layerle1.2.15

CPE	Name	Operator	Version
libsdl:simple_directmedia_layer	libsdl simple directmedia layer	le	1.2.15

References

github.com/libsdl-org/SDL-1.2/issues/863

security.gentoo.org/glsa/202305-17

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

34.1%

JSON

Related for CVE-2022-34568

prion1 nessus2 debiancve1 ubuntu1 osv2 openvas2 ubuntucve1 mageia1 gentoo1