CVE-2013-1872
NONE EPSS 83.5%
Published Aug 19, 201312y ago · Modified Jun 16, 20262w ago
Published Aug 19, 2013 12y ago
Last Modified Jun 16, 2026 2w ago
Description
The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.
Threat Intelligence
EPSS Exploit Probability
83.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 16
| Vendor | Product | Version | Range |
|---|---|---|---|
| mesa3d | mesa | 9.0 | any |
| mesa3d | mesa | 9.0.1 | any |
| mesa3d | mesa | 9.0.2 | any |
| mesa3d | mesa | 9.0.3 | any |
| canonical | ubuntu_linux | 12.04 | any |
| canonical | ubuntu_linux | 12.10 | any |
| canonical | ubuntu_linux | 13.04 | any |
| opensuse | opensuse | 12.2 | any |
| opensuse | opensuse | 12.3 | any |
| redhat | enterprise_linux | 6.0 | any |
| mesa3d | mesa | 8.0 | any |
| mesa3d | mesa | 8.0.1 | any |
| mesa3d | mesa | 8.0.2 | any |
| mesa3d | mesa | 8.0.3 | any |
| mesa3d | mesa | 8.0.4 | any |
| mesa3d | mesa | 8.0.5 | any |
References 9
- advisories.mageia.org http://advisories.mageia.org/MGASA-2013-0190.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00014.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00019.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-0897.html
- debian.org http://www.debian.org/security/2013/dsa-2704
- securityfocus.com http://www.securityfocus.com/bid/60285
- ubuntu.com http://www.ubuntu.com/usn/USN-1888-1
- bugs.freedesktop.org https://bugs.freedesktop.org/show_bug.cgi?id=59429
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=923584
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.