CVE-2019-5068
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-5068
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-5068.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-5068
- Downstream
- Related
- Published
- 2019-11-05T22:15:14Z
- Modified
- 2025-09-16T07:05:19.408655Z
- Severity
-
- 4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
- https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
- https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
- https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
- https://usn.ubuntu.com/4271-1/
Affected packages
Debian:11 / mesa
Package
- Name
- mesa
- Purl
- pkg:deb/debian/mesa?arch=source
Debian:12 / mesa
Package
- Name
- mesa
- Purl
- pkg:deb/debian/mesa?arch=source
Debian:13 / mesa
Package
- Name
- mesa
- Purl
- pkg:deb/debian/mesa?arch=source
Debian:14 / mesa
Package
- Name
- mesa
- Purl
- pkg:deb/debian/mesa?arch=source
Git / gitlab.freedesktop.org/mesa/mesa
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.freedesktop.org/mesa/mesa
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
10.*
10.0-branchpoint
10.1-branchpoint
10.2-branchpoint
10.3-branchpoint
10.4-branchpoint
10.5-branchpoint
10.6-branchpoint
11.*
11.0-branchpoint
11.1-branchpoint
11.2-branchpoint
12.*
12.0-branchpoint
13.*
13.0-branchpoint
17.*
17.0-branchpoint
17.1-branchpoint
17.2-branchpoint
17.3-branchpoint
18.*
18.1-branchpoint
18.2-branchpoint
18.3-branchpoint
19.*
19.0-branchpoint
19.1-branchpoint
19.2-branchpoint
19.3-branchpoint
7.*
7.10-branchpoint
7.11-branchpoint
7.8-branchpoint
7.8-rc2
7.9-branchpoint
8.*
8.0-branchpoint
9.*
9.0-branchpoint
9.1-branchpoint
9.2-branchpoint
Other
before_upgrade_03_01_05
blended_fountain
chadv/cros-gerrit-262788-base
gliding_penguin
intel_2009q2_rc3
jump_and_click
kw-mesa-1
mesa-6_5-20060712
mesa_20050504
mesa_20050526
mesa_20050610
mesa_20050715
mesa_20060325
mesa_20090313
mesa_3_1_beta_3
mesa_3_3
mesa_3_5
mesa_4_0
mesa_4_1
mesa_6_3
mesa_6_3_1
mesa_6_3_1_1
mesa_6_3_2
mesa_6_5
mesa_6_5_1
mesa_6_5_2
mesa_6_5_3
mesa_6_5_3_rc2
mesa_6_5_3_rc3
mesa_6_5_3_rc4
mesa_7_1_rc1
mesa_7_1_rc2
mesa_7_1_rc3
mesa_7_1_rc4
mesa_7_3
mesa_7_3_rc1
mesa_7_3_rc2
mesa_7_3_rc3
mesa_7_5
mesa_7_5_1
mesa_7_5_2
mesa_7_5_2_rc1
mesa_7_5_rc1
mesa_7_5_rc2
mesa_7_5_rc3
mesa_7_5_rc4
mesa_7_6
mesa_7_6_1_rc1
mesa_7_6_1_rc2
mesa_7_6_1_rc3
mesa_7_6_1_rc4
mesa_7_6_rc1
mesa_7_7
mesa_7_7_rc1
mesa_7_7_rc2
mesa_7_7_rc3
noisy_cube
post-merge-glsl-compiler-1
pre-merge-glsl-compiler-1
red_tinted_cube
rotating_gears
shimmering_gears
snb-magic
texmem_0_2_20060912
the_perfect_frag
trunk_20040329
unichrome-last-xinerama
chadv/cros-mesa-10.*
chadv/cros-mesa-10.3-r13-vanilla
chadv/cros-mesa-10.3-r15-vanilla
chadv/cros-mesa-10.3-r28-vanilla
chadv/cros-mesa-10.3-r29-vanilla
chadv/cros-mesa-10.6-vanilla
chadv/cros-mesa-12.*
chadv/cros-mesa-12.1.0-r3-vanilla
chadv/cros-mesa-12.1.0-r5-vanilla
chadv/cros-mesa-12.1.0-r7-vanilla
chadv/cros-mesa-17.*
chadv/cros-mesa-17.1.0-r1-vanilla
chadv/cros-mesa-17.1.0-r2-vanilla
chadv/cros-mesa-17.1.1-r14-vanilla
chadv/cros-mesa-17.1.1-r3-vanilla
chadv/cros-mesa-17.2.3-vanilla
chadv/cros-mesa-18.*
chadv/cros-mesa-18.1_pre1-r4-vanilla
chadv/cros-mesa-19.*
chadv/cros-mesa-19.0-r1-vanilla
cros-mesa-10.*
cros-mesa-10.3-r13-vanilla
cros-mesa-10.3-r15-vanilla
cros-mesa-10.3-r28-vanilla
cros-mesa-10.3-r29-vanilla
cros-mesa-10.6-vanilla
cros-mesa-12.*
cros-mesa-12.1.0-r3-vanilla
cros-mesa-12.1.0-r5-vanilla
cros-mesa-12.1.0-r7-vanilla
cros-mesa-17.*
cros-mesa-17.1.0-r1-vanilla
cros-mesa-17.1.0-r2-vanilla
cros-mesa-17.1.1-r14-vanilla
cros-mesa-17.1.1-r3-vanilla
cros-mesa-17.2.3-vanilla
cros-mesa-18.*
cros-mesa-18.1_pre1-r4-vanilla
cros-mesa-19.*
cros-mesa-19.0-r1-vanilla
mesa-7.*
mesa-7.8
mesa-7.8.1
skl-fast-clear-v08.*
skl-fast-clear-v08.00
skl-fast-clear-v11.*
skl-fast-clear-v11.00
skl-fast-clear-v12.*
skl-fast-clear-v12.00
vulkan-header-0.*
vulkan-header-0.130.0
vulkan-header-0.138.0
vulkan-header-0.90.0
vulkan-protex-2015.*
vulkan-protex-2015.09.24.r01
vulkan-protex-2015.09.24.r01-base
Database specific
{
"vanir_signatures": [
{
"target": {
"file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c"
},
"digest": {
"line_hashes": [
"21031935878858951913416298586072437731",
"184280298973286500260326107981170683022",
"227604961755013890913276013896056655807",
"298902272480603942530679806275904005723"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-264b9e69",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "src/mesa/drivers/x11/xm_buffer.c"
},
"digest": {
"line_hashes": [
"261953367349776503054253862037111498413",
"116667155956020564493198761042814679808",
"96505939772392929618395239514449680247",
"105648963479573839190880468283030598731",
"34958545042316192794853523886036023836"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-28199632",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c"
},
"digest": {
"line_hashes": [
"86152022769647049473691255526554010388",
"101868295578463993546910883248190435361",
"228878768313779073891326267432736084300",
"134544723262417494627852244077955446339"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-35a78ea4",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c",
"function": "alloc_shm"
},
"digest": {
"length": 351.0,
"function_hash": "290279759643506509008372020186169818897"
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-35c5eb8e",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "src/mesa/drivers/x11/xm_buffer.c",
"function": "alloc_back_shm_ximage"
},
"digest": {
"length": 2838.0,
"function_hash": "316994832581475439660373376115781375927"
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-67891280",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c",
"function": "alloc_shm"
},
"digest": {
"length": 547.0,
"function_hash": "212862945932981495206777118466091392205"
},
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"id": "CVE-2019-5068-f896eccb",
"signature_type": "Function",
"deprecated": false
}
]
}