CVE-2013-1993

NONE EPSS 84.0%
Published Jun 15, 201313y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jun 15, 2013 13y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.

Threat Intelligence

EPSS Exploit Probability
84.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-189

Affected Products 7

VendorProductVersionRange
mesa3dmesa* ≤9.1.1
mesa3dmesa9.0any
mesa3dmesa9.0.1any
mesa3dmesa9.0.2any
mesa3dmesa9.0.3any
mesa3dmesa9.1any
xlibglx*any

References 11

  • advisories.mageia.org http://advisories.mageia.org/MGASA-2013-0190.html
  • lists.freedesktop.org http://lists.freedesktop.org/archives/mesa-dev/2013-May/039720.html
  • lists.freedesktop.org http://lists.freedesktop.org/archives/mesa-dev/2013-May/039722.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-0897.html
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-0898.html
  • debian.org http://www.debian.org/security/2013/dsa-2678
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2013:181
  • openwall.com http://www.openwall.com/lists/oss-security/2013/05/23/3
  • ubuntu.com http://www.ubuntu.com/usn/USN-1888-1
  • x.org http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.