CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-45922 – Mesa 23.0.4 Buffer Overflow / Null Pointer
https://notcve.org/view.php?id=CVE-2023-45922
29 Jan 2024 — glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling __glXGetDrawableAttribute(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. Se descubrió que glx_pbuffer.c en Mesa 23.0.4 contenía una infracción de segmentación al llamar a __glXGetDrawableAttribute(). NOTA: esto está en disputa porque no hay situaciones comunes en las que los usuarios requieran una operación ininterru... • http://seclists.org/fulldisclosure/2024/Jan/50 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45931 – Mesa 23.0.4 Null Pointer
https://notcve.org/view.php?id=CVE-2023-45931
29 Jan 2024 — Mesa 23.0.4 was discovered to contain a NULL pointer dereference in check_xshm() for the has_error state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated. Se descubrió que Mesa 23.0.4 contenía una desreferencia de puntero NULL en check_xshm() para el estado has_error. NOTA: esto está en disputa porque no existe ningún escenario en el que se demuestre la vulnerabilidad. Mesa version 23.0.4 suffers from a null pointer vulnerability. • https://gitlab.freedesktop.org/mesa/mesa/-/issues/9859 • CWE-476: NULL Pointer Dereference •
CVSS: 5.1EPSS: 0%CPEs: 5EXPL: 1CVE-2019-5068 – Ubuntu Security Notice USN-4271-1
https://notcve.org/view.php?id=CVE-2019-5068
05 Nov 2019 — An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. Existe una vulnerabilidad de permisos de memoria compartida explotable en la funcionalidad de X11 de Mesa 3D Graphics Library versión 19.1.2. Un atacante puede acceder a la memoria compartida sin ningún permiso específico para activar esta vulnerabilidad. Tim Brown discovered that Me... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html • CWE-277: Insecure Inherited Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0CVE-2013-1872 – Mesa: Memory corruption (OOB read/write) on intel drivers
https://notcve.org/view.php?id=CVE-2013-1872
03 Jun 2013 — The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796. Los controladores Intel en Mesa 8.0.x y 9.0.x, permiten a atacantes dependientes del contexto provocar una denegación de servicio (caída y afirmación ... • http://advisories.mageia.org/MGASA-2013-0190.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2013-1993 – Mesa: Multiple integer overflows leading to heap-based bufer overflows
https://notcve.org/view.php?id=CVE-2013-1993
23 May 2013 — Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions. Múltiples desbordamientos de enteros en X.org libglx en Mesa v9.1.1 y anteriores permiten que los servidores X provoquen una asignación de memoria insuficiente y un desbordamiento de búfer a través de vectores relacionados con las funciones (1) XF86DRIOpenConne... • http://advisories.mageia.org/MGASA-2013-0190.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •