CVE-2019-5068

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-5068
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-5068.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-5068
Downstream
Related
Published
2019-11-05T22:15:14Z
Modified
2025-10-15T11:00:36.399105Z
Severity
  • 4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.

References

Affected packages

Git / gitlab.freedesktop.org/mesa/mesa

Affected ranges

Type
GIT
Repo
https://gitlab.freedesktop.org/mesa/mesa
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc

Affected versions

10.*

10.0-branchpoint
10.1-branchpoint
10.2-branchpoint
10.3-branchpoint
10.4-branchpoint
10.5-branchpoint
10.6-branchpoint

11.*

11.0-branchpoint
11.1-branchpoint
11.2-branchpoint

12.*

12.0-branchpoint

13.*

13.0-branchpoint

17.*

17.0-branchpoint
17.1-branchpoint
17.2-branchpoint
17.3-branchpoint

18.*

18.1-branchpoint
18.2-branchpoint
18.3-branchpoint

19.*

19.0-branchpoint
19.1-branchpoint
19.2-branchpoint
19.3-branchpoint

7.*

7.10-branchpoint
7.11-branchpoint
7.8-branchpoint
7.8-rc2
7.9-branchpoint

8.*

8.0-branchpoint

9.*

9.0-branchpoint
9.1-branchpoint
9.2-branchpoint

Other

before_upgrade_03_01_05
blended_fountain
chadv/cros-gerrit-262788-base
gliding_penguin
intel_2009q2_rc3
jump_and_click
kw-mesa-1
mesa-6_5-20060712
mesa_20050504
mesa_20050526
mesa_20050610
mesa_20050715
mesa_20060325
mesa_20090313
mesa_3_1_beta_3
mesa_3_3
mesa_3_5
mesa_4_0
mesa_4_1
mesa_6_3
mesa_6_3_1
mesa_6_3_1_1
mesa_6_3_2
mesa_6_5
mesa_6_5_1
mesa_6_5_2
mesa_6_5_3
mesa_6_5_3_rc2
mesa_6_5_3_rc3
mesa_6_5_3_rc4
mesa_7_1_rc1
mesa_7_1_rc2
mesa_7_1_rc3
mesa_7_1_rc4
mesa_7_3
mesa_7_3_rc1
mesa_7_3_rc2
mesa_7_3_rc3
mesa_7_5
mesa_7_5_1
mesa_7_5_2
mesa_7_5_2_rc1
mesa_7_5_rc1
mesa_7_5_rc2
mesa_7_5_rc3
mesa_7_5_rc4
mesa_7_6
mesa_7_6_1_rc1
mesa_7_6_1_rc2
mesa_7_6_1_rc3
mesa_7_6_1_rc4
mesa_7_6_rc1
mesa_7_7
mesa_7_7_rc1
mesa_7_7_rc2
mesa_7_7_rc3
noisy_cube
post-merge-glsl-compiler-1
pre-merge-glsl-compiler-1
red_tinted_cube
rotating_gears
shimmering_gears
snb-magic
texmem_0_2_20060912
the_perfect_frag
trunk_20040329
unichrome-last-xinerama

chadv/cros-mesa-10.*

chadv/cros-mesa-10.3-r13-vanilla
chadv/cros-mesa-10.3-r15-vanilla
chadv/cros-mesa-10.3-r28-vanilla
chadv/cros-mesa-10.3-r29-vanilla
chadv/cros-mesa-10.6-vanilla

chadv/cros-mesa-12.*

chadv/cros-mesa-12.1.0-r3-vanilla
chadv/cros-mesa-12.1.0-r5-vanilla
chadv/cros-mesa-12.1.0-r7-vanilla

chadv/cros-mesa-17.*

chadv/cros-mesa-17.1.0-r1-vanilla
chadv/cros-mesa-17.1.0-r2-vanilla
chadv/cros-mesa-17.1.1-r14-vanilla
chadv/cros-mesa-17.1.1-r3-vanilla
chadv/cros-mesa-17.2.3-vanilla

chadv/cros-mesa-18.*

chadv/cros-mesa-18.1_pre1-r4-vanilla

chadv/cros-mesa-19.*

chadv/cros-mesa-19.0-r1-vanilla

cros-mesa-10.*

cros-mesa-10.3-r13-vanilla
cros-mesa-10.3-r15-vanilla
cros-mesa-10.3-r28-vanilla
cros-mesa-10.3-r29-vanilla
cros-mesa-10.6-vanilla

cros-mesa-12.*

cros-mesa-12.1.0-r3-vanilla
cros-mesa-12.1.0-r5-vanilla
cros-mesa-12.1.0-r7-vanilla

cros-mesa-17.*

cros-mesa-17.1.0-r1-vanilla
cros-mesa-17.1.0-r2-vanilla
cros-mesa-17.1.1-r14-vanilla
cros-mesa-17.1.1-r3-vanilla
cros-mesa-17.2.3-vanilla

cros-mesa-18.*

cros-mesa-18.1_pre1-r4-vanilla

cros-mesa-19.*

cros-mesa-19.0-r1-vanilla

mesa-7.*

mesa-7.8
mesa-7.8.1

skl-fast-clear-v08.*

skl-fast-clear-v08.00

skl-fast-clear-v11.*

skl-fast-clear-v11.00

skl-fast-clear-v12.*

skl-fast-clear-v12.00

vulkan-header-0.*

vulkan-header-0.130.0
vulkan-header-0.138.0
vulkan-header-0.90.0

vulkan-protex-2015.*

vulkan-protex-2015.09.24.r01
vulkan-protex-2015.09.24.r01-base

Database specific

vanir_signatures

[
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-264b9e69",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "21031935878858951913416298586072437731",
                "184280298973286500260326107981170683022",
                "227604961755013890913276013896056655807",
                "298902272480603942530679806275904005723"
            ],
            "threshold": 0.9
        }
    },
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "file": "src/mesa/drivers/x11/xm_buffer.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-28199632",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "261953367349776503054253862037111498413",
                "116667155956020564493198761042814679808",
                "96505939772392929618395239514449680247",
                "105648963479573839190880468283030598731",
                "34958545042316192794853523886036023836"
            ],
            "threshold": 0.9
        }
    },
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-35a78ea4",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "86152022769647049473691255526554010388",
                "101868295578463993546910883248190435361",
                "228878768313779073891326267432736084300",
                "134544723262417494627852244077955446339"
            ],
            "threshold": 0.9
        }
    },
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "function": "alloc_shm",
            "file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-35c5eb8e",
        "signature_type": "Function",
        "digest": {
            "function_hash": "290279759643506509008372020186169818897",
            "length": 351.0
        }
    },
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "function": "alloc_back_shm_ximage",
            "file": "src/mesa/drivers/x11/xm_buffer.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-67891280",
        "signature_type": "Function",
        "digest": {
            "function_hash": "316994832581475439660373376115781375927",
            "length": 2838.0
        }
    },
    {
        "source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
        "deprecated": false,
        "target": {
            "function": "alloc_shm",
            "file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c"
        },
        "signature_version": "v1",
        "id": "CVE-2019-5068-f896eccb",
        "signature_type": "Function",
        "digest": {
            "function_hash": "212862945932981495206777118466091392205",
            "length": 547.0
        }
    }
]