CVE-2019-5068

Published: 11/5/2019 Last updated: 8/4/2024 Reserved: 1/4/2019

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.

CNA assigner: talos (b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.0	5.1	Medium	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Opam packages affected (6)

conf-gles2 conf-glfw3 conf-libgl conf-mesa gles3 raylib

Products affected (1)

Product	Vendor	Version
Mesa 3D X11 Graphics library	n/a	n/a

References (12)

https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
https://usn.ubuntu.com/4271-1/
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
https://usn.ubuntu.com/4271-1/
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc