SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.
References
Configurations
History
12 May 2022, 19:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPYTEBBNHCDGPVFACC5RC5K2FZUCYTPZ/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RXI3MDPR24W5557G34YHWOP2MOK6BTGB/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EAGMQMRQDTZFQW64JEW3O6HY3JYLAAHT/ - Mailing List, Third Party Advisory |
12 May 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 May 2022, 17:25
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/libsdl-org/SDL_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448 - Patch, Third Party Advisory | |
References | (MISC) https://github.com/libsdl-org/SDL_ttf/issues/187 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
CWE | CWE-787 | |
CPE | cpe:2.3:a:libsdl:sdl_ttf:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
04 May 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-04 03:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-27470
Mitre link : CVE-2022-27470
CVE.ORG link : CVE-2022-27470
JSON object : View
Products Affected
libsdl
- sdl_ttf
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write