CVE-2019-5068

Published: 05 November 2019

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.

Priority

Medium

CVSS 3 base score: 4.4

Status

Package Release Status
mesa
Launchpad, Ubuntu, Debian
Upstream
Released (19.2.6-1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (19.2.8-0ubuntu0~18.04.2)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)
Patches:
Upstream: https://cgit.freedesktop.org/mesa/mesa/commit/?id=02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc

Notes

AuthorNote
sbeattie
mesa and its build dependencies have been updated for the HWE
stack in bionic, so to fix this there will require no-change rebuilds
in the security pocket for libdrm, libclc, wayland, and
llvm-toolchain-9.

References

Bugs