CVE-2022-27470
- Source
- https://cve.org/CVERecord?id=CVE-2022-27470
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27470.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-27470
- Downstream
- Related
- Published
- 2022-05-04T03:15:07.627Z
- Modified
- 2026-03-15T22:44:13.276368Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderText_Solid(). This vulnerability is triggered via a crafted TTF file.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAGMQMRQDTZFQW64JEW3O6HY3JYLAAHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RXI3MDPR24W5557G34YHWOP2MOK6BTGB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPYTEBBNHCDGPVFACC5RC5K2FZUCYTPZ/
- https://github.com/libsdl-org/SDL_ttf/issues/187
- https://github.com/libsdl-org/SDL_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448
Affected packages
Git / github.com/libsdl-org/sdl_ttf
Affected versions
Other
Last_LGPL_revision
release-2.*
release-2.0.10
release-2.0.11
release-2.0.12
release-2.0.13
release-2.0.14
release-2.0.15
release-2.0.18
release-2.0.8
release-2.0.9
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "137396571173358460168307247144123650420",
"length": 1018.0
},
"target": {
"file": "SDL_ttf.c",
"function": "Create_Surface_Blended"
},
"id": "CVE-2022-27470-256dc5b1",
"source": "https://github.com/libsdl-org/sdl_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "130009402887661684762311681368155425169",
"length": 1848.0
},
"target": {
"file": "SDL_ttf.c",
"function": "Create_Surface_Shaded"
},
"id": "CVE-2022-27470-669b07da",
"source": "https://github.com/libsdl-org/sdl_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"270510694538921350392121102530163546239",
"124122267798574511640084568586616589552",
"286458684089463468338458938889385322942",
"150679597858678513831754182126436406233",
"142266846761783483939639097313637824327",
"180409813062706396087937398028464459544",
"286458684089463468338458938889385322942",
"150679597858678513831754182126436406233",
"83381688109695189361718463534996348629",
"160948163142671191374137794067733679829",
"217842000718041149224293011725540218397",
"116259183769259541956858137261490443221"
]
},
"target": {
"file": "SDL_ttf.c"
},
"id": "CVE-2022-27470-db00c63a",
"source": "https://github.com/libsdl-org/sdl_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "335978653677243205703509191001628725270",
"length": 1149.0
},
"target": {
"file": "SDL_ttf.c",
"function": "Create_Surface_Solid"
},
"id": "CVE-2022-27470-ef340056",
"source": "https://github.com/libsdl-org/sdl_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27470.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "34"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "35"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "36"
}
]
}
]