CVE-2019-5068

EUVD-2019-14673
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
talosCNA
5.1 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
mesa3dmesa
19.1.2
opensuseleap
15.1
debiandebian_linux
8.0
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mesa
bookworm
22.3.6-1+deb12u1
fixed
bullseye
20.3.5-1
fixed
sid
24.2.6-1
fixed
stretch
ignored
trixie
24.2.4-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mesa
bionic
Fixed 19.2.8-0ubuntu0~18.04.2
released
disco
ignored
eoan
Fixed 19.2.8-0ubuntu0~19.10.2
released
trusty
not-affected
xenial
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://usn.ubuntu.com/4271-1/
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
https://usn.ubuntu.com/4271-1/