CVE-2019-5068

NameCVE-2019-5068
DescriptionAn exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1993-1
NVD severitylow
Debian Bugs944298

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
mesa (PTS)jessie10.3.2-1+deb8u1vulnerable
jessie (security)10.3.2-1+deb8u2fixed
stretch13.0.6-1vulnerable
buster18.3.6-2vulnerable
bullseye, sid19.2.3-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mesasource(unstable)(unfixed)944298
mesasourcejessie10.3.2-1+deb8u2DLA-1993-1

Notes

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
Search for package or bug name: Reporting problems