CVE-2019-5068

NameCVE-2019-5068
DescriptionAn exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1993-1
NVD severitylow
Debian Bugs944298

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
mesa (PTS)stretch13.0.6-1vulnerable
buster18.3.6-2+deb10u1fixed
bullseye, sid20.1.8-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mesasourcejessie10.3.2-1+deb8u2DLA-1993-1
mesasourcebuster18.3.6-2+deb10u1
mesasource(unstable)19.2.6-1low944298

Notes

[stretch] - mesa <no-dsa> (Minor issue)
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
https://cgit.freedesktop.org/mesa/mesa/commit/?id=02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc

Search for package or bug name: Reporting problems