Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-45913

Published: 27 March 2024

** DISPUTED ** Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.

Notes

Author Note
Priority reason:
The security impact of this issue is disputed

Priority

Negligible

Status

Package Release Status
mesa
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(disputed)
focal Not vulnerable
(disputed)
jammy Not vulnerable
(disputed)
mantic Ignored
(end of life, was needs-triage)
noble Not vulnerable
(disputed)
trusty Not vulnerable
(disputed)
upstream Needs triage

xenial Not vulnerable
(disputed)