CVE-2023-45919

Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
References
Link Resource
http://seclists.org/fulldisclosure/2024/Jan/47 Mailing List Third Party Advisory
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 Exploit Vendor Advisory
http://seclists.org/fulldisclosure/2024/Jan/47 Mailing List Third Party Advisory
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mesa3d:mesa:23.0.4:*:*:*:*:*:*:*

History

29 May 2025, 15:30

Type Values Removed Values Added
CPE cpe:2.3:a:mesa3d:mesa:23.0.4:*:*:*:*:*:*:*
First Time Mesa3d mesa
Mesa3d
References () http://seclists.org/fulldisclosure/2024/Jan/47 - () http://seclists.org/fulldisclosure/2024/Jan/47 - Mailing List, Third Party Advisory
References () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 - () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 - Exploit, Vendor Advisory

21 Nov 2024, 08:27

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2024/Jan/47 - () http://seclists.org/fulldisclosure/2024/Jan/47 -
References () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 - () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 -

11 Jul 2024, 15:05

Type Values Removed Values Added
CWE CWE-126
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3

27 Mar 2024, 12:29

Type Values Removed Values Added
Summary
  • (es) Se descubrió que Mesa 23.0.4 contenía un búfer sobreleído en glXQueryServerString(). NOTA: esto está en disputa porque no hay situaciones comunes en las que los usuarios requieran una operación ininterrumpida con un servidor controlador de atacante.

27 Mar 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-27 05:15

Updated : 2025-05-29 15:30


NVD link : CVE-2023-45919

Mitre link : CVE-2023-45919

CVE.ORG link : CVE-2023-45919


JSON object : View

Products Affected

mesa3d

  • mesa
CWE
CWE-126

Buffer Over-read