CVE-2013-1993

Publication date 23 May 2013

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
mesa	13.04 raring	Fixed 9.1.3-0ubuntu0.3
	12.10 quantal	Fixed 9.0.3-0ubuntu0.2
	12.04 LTS precise	Fixed 8.0.4-0ubuntu0.6
	10.04 LTS lucid	Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
mesa	Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=2e5a268f18be30df15aed0b44b01a18a37fb5df4 Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=306f630e676eb901789dd09a0f30d7e7fa941ebe

References

Related Ubuntu Security Notices (USN)

USN-1888-1
Mesa vulnerabilities
20 June 2013

CVE-2013-1993

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references