CVE-2023-45919Buffer Over-read in Mesa

CWE-126Buffer Over-read6 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 75.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mesa3d Mesa
Timeline
PublishedMar 27

Description

Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages1 packages

NVDmesa3d/mesa23.0.4

🔴Vulnerability Details

4
CVEList
CVE-2023-45919: Mesa 232024-03-27
GHSA
GHSA-fwp2-wq2h-xqvw: Mesa 232024-03-27
OSV
CVE-2023-45919: Mesa 232024-03-27
OSV
CVE-2023-45919: ** DISPUTED ** Mesa 232024-03-27

📋Vendor Advisories

1
Debian
CVE-2023-45919: mesa - Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString...2023
CVE-2023-45919 — Buffer Over-read in Mesa3d Mesa | cvebase