CVE-2013-1993

Publication date 23 May 2013

Last updated 24 July 2024

Ubuntu priority

Description

Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mesa	13.04 raring	Fixed 9.1.3-0ubuntu0.3
	12.10 quantal	Fixed 9.0.3-0ubuntu0.2
	12.04 LTS precise	Fixed 8.0.4-0ubuntu0.6
	10.04 LTS lucid	Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
mesa	Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=2e5a268f18be30df15aed0b44b01a18a37fb5df4 Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=306f630e676eb901789dd09a0f30d7e7fa941ebe

References

Related Ubuntu Security Notices (USN)

USN-1888-1
Mesa vulnerabilities
20 June 2013