Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Jan/47 | Mailing List Third Party Advisory |
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 | Exploit Vendor Advisory |
http://seclists.org/fulldisclosure/2024/Jan/47 | Mailing List Third Party Advisory |
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 | Exploit Vendor Advisory |
Configurations
History
29 May 2025, 15:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mesa3d:mesa:23.0.4:*:*:*:*:*:*:* | |
First Time |
Mesa3d mesa
Mesa3d |
|
References | () http://seclists.org/fulldisclosure/2024/Jan/47 - Mailing List, Third Party Advisory | |
References | () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 - Exploit, Vendor Advisory |
21 Nov 2024, 08:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2024/Jan/47 - | |
References | () https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858 - |
11 Jul 2024, 15:05
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-126 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
27 Mar 2024, 12:29
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Mar 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-27 05:15
Updated : 2025-05-29 15:30
NVD link : CVE-2023-45919
Mitre link : CVE-2023-45919
CVE.ORG link : CVE-2023-45919
JSON object : View
Products Affected
mesa3d
- mesa
CWE
CWE-126
Buffer Over-read