CVE-2013-1872
Published: 30 May 2013
The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.
Priority
Status
Package | Release | Status |
---|---|---|
mesa Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(8.0.4-0ubuntu0.6)
|
|
quantal |
Released
(9.0.3-0ubuntu0.2)
|
|
raring |
Released
(9.1.3-0ubuntu0.3)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://lists.freedesktop.org/pipermail/mesa-dev/2013-May/040003.html vendor: http://www.debian.org/security/2013/dsa-2704 upstream: http://cgit.freedesktop.org/mesa/mesa/commit/?id=0677ea063cd96adefe87c1fb01ef7c66d905535b |