CVE-2019-5068
- Source
- https://cve.org/CVERecord?id=CVE-2019-5068
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5068.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-5068
- Downstream
- Related
- Published
- 2019-11-05T22:15:14.017Z
- Modified
- 2026-04-02T03:20:42.190675Z
- Severity
-
- 4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html
- https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html
- https://usn.ubuntu.com/4271-1/
- https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
- https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
Affected packages
Git / gitlab.freedesktop.org/mesa/mesa
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.freedesktop.org/mesa/mesa
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "19.1.2" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }
Affected versions
10.*
10.0-branchpoint
10.1-branchpoint
10.2-branchpoint
10.3-branchpoint
10.4-branchpoint
10.5-branchpoint
10.6-branchpoint
11.*
11.0-branchpoint
11.1-branchpoint
11.2-branchpoint
12.*
12.0-branchpoint
13.*
13.0-branchpoint
17.*
17.0-branchpoint
17.1-branchpoint
17.2-branchpoint
17.3-branchpoint
18.*
18.0-branchpoint
18.1-branchpoint
18.2-branchpoint
18.3-branchpoint
19.*
19.0-branchpoint
19.1-branchpoint
19.2-branchpoint
19.3-branchpoint
7.*
7.10-branchpoint
7.11-branchpoint
7.8-branchpoint
7.8-rc1
7.8-rc2
7.9-branchpoint
8.*
8.0-branchpoint
9.*
9.0-branchpoint
9.1-branchpoint
9.2-branchpoint
Other
R300_DRIVER_0
before_upgrade_03_01_05
blended_fountain
chadv/cros-gerrit-262788-base
chadv/review/anv-dma-buf-v01
chadv/review/anv-drm-format-mod/2019-07-26-r1
chadv/review/anv-drm-format-mod/2019-08-01-r1
chadv/review/fix-lost-android-window-v01
core-context-v2
embedded-1-20030120
embedded-1-20030224
embedded-1-20030305
embedded-1-20030324
embedded-1-20030417
embedded-1-20030502
gles3-fmt-v1
gliding_penguin
i965-primitive-restart-v2
instanced_arrays-v2
intel_2009q1_rc1
intel_2009q1_rc2
intel_2009q1_rc3
intel_2009q2_rc3
jump_and_click
kw-mesa-1
mesa-6_5-20060712
mesa_20050504
mesa_20050526
mesa_20050610
mesa_20050715
mesa_20060201
mesa_20060325
mesa_20090313
mesa_3_1
mesa_3_1_beta_3
mesa_3_2
mesa_3_2_1
mesa_3_2_beta_1
mesa_3_3
mesa_3_4
mesa_3_4_1
mesa_3_4_2
mesa_3_5
mesa_4_0
mesa_4_0_1
mesa_4_0_2
mesa_4_0_3
mesa_4_0_4
mesa_4_1
mesa_5_0
mesa_5_0_1
mesa_6_3
mesa_6_3_1
mesa_6_3_1_1
mesa_6_3_2
mesa_6_4
mesa_6_4_1
mesa_6_4_2
mesa_6_5
mesa_6_5_1
mesa_6_5_2
mesa_6_5_3
mesa_6_5_3_rc2
mesa_6_5_3_rc3
mesa_6_5_3_rc4
mesa_7_0
mesa_7_0_1
mesa_7_0_1_rc1
mesa_7_0_1_rc2
mesa_7_0_2
mesa_7_0_2_rc1
mesa_7_0_3
mesa_7_0_3_rc3
mesa_7_1
mesa_7_1_rc1
mesa_7_1_rc2
mesa_7_1_rc3
mesa_7_1_rc4
mesa_7_2
mesa_7_2_rc1
mesa_7_3
mesa_7_3_rc1
mesa_7_3_rc2
mesa_7_3_rc3
mesa_7_4
mesa_7_4_2
mesa_7_4_3
mesa_7_4_4
mesa_7_4_rc1
mesa_7_4_rc2
mesa_7_5
mesa_7_5_1
mesa_7_5_2
mesa_7_5_2_rc1
mesa_7_5_rc1
mesa_7_5_rc2
mesa_7_5_rc3
mesa_7_5_rc4
mesa_7_6
mesa_7_6_1
mesa_7_6_1_rc1
mesa_7_6_1_rc2
mesa_7_6_1_rc3
mesa_7_6_1_rc4
mesa_7_6_rc1
mesa_7_7
mesa_7_7_1
mesa_7_7_1_rc2
mesa_7_7_rc1
mesa_7_7_rc2
mesa_7_7_rc3
mesa_texman_20060210
noisy_cube
post-merge-glsl-compiler-1
pre-merge-glsl-compiler-1
red_tinted_cube
rgb10_a2ui-v3
rotating_gears
shimmering_gears
snb-magic
start
texman_0_1_20060325
texman_0_1_20060330
texman_0_1_20060621
texman_0_1_20060705
texman_0_1_pre_ttm
texmem_0_2_20060912
texmem_0_3_20060923
texmem_0_3_20060929
the_perfect_frag
trunk_20040329
unichrome-last-xinerama
useful
vtx-0-2-21112003-freeze
vtx-0-2-24112003
android-x86-1.*
android-x86-1.6
android-x86-2.*
android-x86-2.2
android-x86-2.2-r2
android-x86-4.*
android-x86-4.4-r1
arc-mesa-19.*
arc-mesa-19.0-r1-vanilla
chadv/arc-mesa-19.*
chadv/arc-mesa-19.0-r1-vanilla
chadv/arc-mesa-19.0-r31-vanilla
chadv/cros-mesa-10.*
chadv/cros-mesa-10.3-r13-vanilla
chadv/cros-mesa-10.3-r15-vanilla
chadv/cros-mesa-10.3-r28-vanilla
chadv/cros-mesa-10.3-r29-vanilla
chadv/cros-mesa-10.6-vanilla
chadv/cros-mesa-12.*
chadv/cros-mesa-12.1.0-r3-vanilla
chadv/cros-mesa-12.1.0-r5-vanilla
chadv/cros-mesa-12.1.0-r7-vanilla
chadv/cros-mesa-17.*
chadv/cros-mesa-17.1.0-r1-vanilla
chadv/cros-mesa-17.1.0-r2-vanilla
chadv/cros-mesa-17.1.1-r14-vanilla
chadv/cros-mesa-17.1.1-r3-vanilla
chadv/cros-mesa-17.2.3-vanilla
chadv/cros-mesa-18.*
chadv/cros-mesa-18.1_pre1-r4-vanilla
chadv/cros-mesa-19.*
chadv/cros-mesa-19.0-r1-vanilla
chadv/wip/arc-17.*
chadv/wip/arc-17.3-i965-mutable-render-buffer-v06
chadv/wip/arc-18.*
chadv/wip/arc-18.2.0-pre1-i965-mutable-render-buffer-2018-07-30
cros-mesa-10.*
cros-mesa-10.3-r13-vanilla
cros-mesa-10.3-r15-vanilla
cros-mesa-10.3-r28-vanilla
cros-mesa-10.3-r29-vanilla
cros-mesa-10.6-vanilla
cros-mesa-12.*
cros-mesa-12.1.0-r3-vanilla
cros-mesa-12.1.0-r5-vanilla
cros-mesa-12.1.0-r7-vanilla
cros-mesa-17.*
cros-mesa-17.1.0-r1-vanilla
cros-mesa-17.1.0-r2-vanilla
cros-mesa-17.1.1-r14-vanilla
cros-mesa-17.1.1-r3-vanilla
cros-mesa-17.2.3-vanilla
cros-mesa-18.*
cros-mesa-18.1_pre1-r4-vanilla
cros-mesa-19.*
cros-mesa-19.0-r1-vanilla
intel-2012q4.*
intel-2012q4.1
mesa-10.*
mesa-10.0
mesa-10.0-rc1
mesa-10.0-rc2
mesa-10.0.1
mesa-10.0.2
mesa-10.0.3
mesa-10.0.4
mesa-10.0.5
mesa-10.1
mesa-10.1-devel
mesa-10.1-rc1
mesa-10.1-rc2
mesa-10.1-rc3
mesa-10.1.1
mesa-10.1.2
mesa-10.1.3
mesa-10.1.4
mesa-10.1.5
mesa-10.1.6
mesa-10.2
mesa-10.2-rc1
mesa-10.2-rc2
mesa-10.2-rc3
mesa-10.2-rc4
mesa-10.2-rc5
mesa-10.2.1
mesa-10.2.2
mesa-10.2.3
mesa-10.2.4
mesa-10.2.5
mesa-10.2.6
mesa-10.2.7
mesa-10.2.8
mesa-10.2.9
mesa-10.3
mesa-10.3-rc1
mesa-10.3-rc2
mesa-10.3-rc3
mesa-10.3.1
mesa-10.3.2
mesa-10.3.3
mesa-10.3.4
mesa-10.3.5
mesa-10.3.6
mesa-10.3.7
mesa-10.4.0
mesa-10.4.0-rc1
mesa-10.4.0-rc2
mesa-10.4.0-rc3
mesa-10.4.0-rc4
mesa-10.4.1
mesa-10.4.2
mesa-10.4.3
mesa-10.4.4
mesa-10.4.5
mesa-10.4.6
mesa-10.4.7
mesa-10.5.0
mesa-10.5.0-rc1
mesa-10.5.0-rc2
mesa-10.5.0-rc3
mesa-10.5.1
mesa-10.5.2
mesa-10.5.3
mesa-10.5.4
mesa-10.5.5
mesa-10.5.6
mesa-10.5.7
mesa-10.5.8
mesa-10.5.9
mesa-10.6.0
mesa-10.6.0-rc1
mesa-10.6.0-rc2
mesa-10.6.0-rc3
mesa-10.6.1
mesa-10.6.2
mesa-10.6.3
mesa-10.6.4
mesa-10.6.5
mesa-10.6.6
mesa-10.6.7
mesa-10.6.8
mesa-10.6.9
mesa-11.*
mesa-11.0.0
mesa-11.0.0-rc1
mesa-11.0.0-rc2
mesa-11.0.0-rc3
mesa-11.0.1
mesa-11.0.2
mesa-11.0.3
mesa-11.0.4
mesa-11.0.5
mesa-11.0.6
mesa-11.0.7
mesa-11.0.8
mesa-11.0.9
mesa-11.1.0
mesa-11.1.0-rc1
mesa-11.1.0-rc2
mesa-11.1.0-rc3
mesa-11.1.1
mesa-11.1.2
mesa-11.1.3
mesa-11.1.4
mesa-11.2.0
mesa-11.2.0-rc1
mesa-11.2.0-rc2
mesa-11.2.0-rc3
mesa-11.2.0-rc4
mesa-11.2.1
mesa-11.2.2
mesa-12.*
mesa-12.0.0
mesa-12.0.0-rc1
mesa-12.0.0-rc2
mesa-12.0.0-rc3
mesa-12.0.0-rc4
mesa-12.0.1
mesa-12.0.2
mesa-12.0.3
mesa-12.0.4
mesa-12.0.5
mesa-12.0.6
mesa-13.*
mesa-13.0.0
mesa-13.0.0-rc1
mesa-13.0.0-rc2
mesa-13.0.0-rc3
mesa-13.0.1
mesa-13.0.2
mesa-13.0.3
mesa-13.0.4
mesa-13.0.5
mesa-13.0.6
mesa-17.*
mesa-17.0.0
mesa-17.0.0-rc1
mesa-17.0.0-rc2
mesa-17.0.0-rc3
mesa-17.0.1
mesa-17.0.2
mesa-17.0.3
mesa-17.0.4
mesa-17.0.5
mesa-17.0.6
mesa-17.0.7
mesa-17.1.0
mesa-17.1.0-rc1
mesa-17.1.0-rc2
mesa-17.1.0-rc3
mesa-17.1.0-rc4
mesa-17.1.1
mesa-17.1.10
mesa-17.1.2
mesa-17.1.3
mesa-17.1.4
mesa-17.1.5
mesa-17.1.6
mesa-17.1.7
mesa-17.1.8
mesa-17.1.9
mesa-17.2.0
mesa-17.2.0-rc1
mesa-17.2.0-rc2
mesa-17.2.0-rc3
mesa-17.2.0-rc4
mesa-17.2.0-rc5
mesa-17.2.0-rc6
mesa-17.2.1
mesa-17.2.2
mesa-17.2.3
mesa-17.2.4
mesa-17.2.5
mesa-17.2.6
mesa-17.2.7
mesa-17.2.8
mesa-17.3.0
mesa-17.3.0-rc1
mesa-17.3.0-rc2
mesa-17.3.0-rc3
mesa-17.3.0-rc4
mesa-17.3.0-rc5
mesa-17.3.0-rc6
mesa-17.3.1
mesa-17.3.2
mesa-17.3.3
mesa-17.3.4
mesa-17.3.5
mesa-17.3.6
mesa-17.3.7
mesa-17.3.8
mesa-17.3.9
mesa-18.*
mesa-18.0-0-rc1
mesa-18.0.0
mesa-18.0.0-rc1
mesa-18.0.0-rc2
mesa-18.0.0-rc3
mesa-18.0.0-rc4
mesa-18.0.0-rc5
mesa-18.0.1
mesa-18.0.2
mesa-18.0.3
mesa-18.0.4
mesa-18.0.5
mesa-18.1.0
mesa-18.1.0-rc1
mesa-18.1.0-rc2
mesa-18.1.0-rc3
mesa-18.1.0-rc4
mesa-18.1.1
mesa-18.1.2
mesa-18.1.3
mesa-18.1.4
mesa-18.1.5
mesa-18.1.6
mesa-18.1.7
mesa-18.1.8
mesa-18.1.9
mesa-18.2.0
mesa-18.2.0-rc1
mesa-18.2.0-rc2
mesa-18.2.0-rc3
mesa-18.2.0-rc4
mesa-18.2.0-rc5
mesa-18.2.0-rc6
mesa-18.2.1
mesa-18.2.2
mesa-18.2.3
mesa-18.2.4
mesa-18.2.5
mesa-18.2.6
mesa-18.2.7
mesa-18.2.8
mesa-18.3.0
mesa-18.3.0-rc1
mesa-18.3.0-rc2
mesa-18.3.0-rc3
mesa-18.3.0-rc4
mesa-18.3.0-rc5
mesa-18.3.0-rc6
mesa-18.3.1
mesa-18.3.2
mesa-18.3.3
mesa-18.3.4
mesa-18.3.5
mesa-18.3.6
mesa-19.*
mesa-19.0-rc1
mesa-19.0.0
mesa-19.0.0-rc1
mesa-19.0.0-rc2
mesa-19.0.0-rc3
mesa-19.0.0-rc4
mesa-19.0.0-rc5
mesa-19.0.0-rc6
mesa-19.0.0-rc7
mesa-19.0.1
mesa-19.0.2
mesa-19.0.3
mesa-19.0.4
mesa-19.0.5
mesa-19.0.6
mesa-19.0.7
mesa-19.0.8
mesa-19.1.0
mesa-19.1.0-rc1
mesa-19.1.0-rc2
mesa-19.1.0-rc3
mesa-19.1.0-rc4
mesa-19.1.0-rc5
mesa-19.1.1
mesa-19.1.2
mesa-19.2.0
mesa-19.2.0-rc1
mesa-19.2.0-rc2
mesa-19.2.0-rc3
mesa-19.2.0-rc4
mesa-19.2.1
mesa-19.2.2
mesa-19.2.3
mesa-19.2.4
mesa-19.2.5
mesa-19.2.6
mesa-19.2.7
mesa-19.2.8
mesa-19.3.0
mesa-19.3.0-rc1
mesa-19.3.0-rc2
mesa-19.3.0-rc3
mesa-19.3.0-rc4
mesa-19.3.0-rc5
mesa-19.3.0-rc6
mesa-19.3.1
mesa-19.3.2
mesa-19.3.3
mesa-19.3.4
mesa-19.3.5
mesa-6.*
mesa-6.5.2-2
mesa-6.5.2-3
mesa-6.5.2-4
mesa-6.5.2-5
mesa-6.5.2-6
mesa-6.5.2-7
mesa-6.5.3-1
mesa-6.5.3-rc3-1
mesa-7.*
mesa-7.0.1-1
mesa-7.0.1-2
mesa-7.0.1-rc2-1
mesa-7.0.2-1
mesa-7.0.2-3
mesa-7.0.2-4
mesa-7.0.3-1
mesa-7.0.3-3
mesa-7.0.3-4
mesa-7.0.3-5
mesa-7.0.3-6
mesa-7.0.3-7
mesa-7.0.3-rc2-1
mesa-7.0.3-rc2-2
mesa-7.1-1
mesa-7.1-rc3-1
mesa-7.10
mesa-7.10.1
mesa-7.10.2
mesa-7.10.3
mesa-7.11
mesa-7.11-rc1
mesa-7.11-rc2
mesa-7.11-rc3
mesa-7.11-rc4
mesa-7.11.1
mesa-7.11.2
mesa-7.2-1
mesa-7.3-1
mesa-7.3-rc1-1
mesa-7.3-rc3-1
mesa-7.4-1
mesa-7.4-2
mesa-7.4-rc1-1
mesa-7.4.1-1
mesa-7.4.4-1
mesa-7.5-1
mesa-7.5-2
mesa-7.5-3
mesa-7.5-rc4-1
mesa-7.5.1-1
mesa-7.6-1
mesa-7.6.1-1
mesa-7.6.1-rc2-1
mesa-7.6.1-rc3-1
mesa-7.7-1
mesa-7.7-2
mesa-7.7-3
mesa-7.7-4
mesa-7.7-rc2-1
mesa-7.7.1-1
mesa-7.7.1-2
mesa-7.8
mesa-7.8.1
mesa-7.8.1-1
mesa-7.8.1-2
mesa-7.8.2
mesa-7.8.2-1
mesa-7.8.2-2
mesa-7.9
mesa-7.9-rc1
mesa-7.9-rc2
mesa-7.9.1
mesa-7.9.2
mesa-8.*
mesa-8.0
mesa-8.0-rc1
mesa-8.0-rc2
mesa-9.*
mesa-9.0
mesa-9.0.1
mesa-9.0.2
mesa-9.0.3
mesa-9.1
mesa-9.1-rc1
mesa-9.1-rc2
mesa-9.1.1
mesa-9.1.2
mesa-9.1.3
mesa-9.1.4
mesa-9.1.5
mesa-9.1.6
mesa-9.1.7
mesa-9.2
mesa-9.2-rc1
mesa-9.2-rc2
mesa-9.2.1
mesa-9.2.2
mesa-9.2.3
mesa-9.2.4
mesa-9.2.5
skl-fast-clear-v08.*
skl-fast-clear-v08.00
skl-fast-clear-v11.*
skl-fast-clear-v11.00
skl-fast-clear-v12.*
skl-fast-clear-v12.00
vulkan-header-0.*
vulkan-header-0.130.0
vulkan-header-0.138.0
vulkan-header-0.90.0
vulkan-protex-2015.*
vulkan-protex-2015.09.24.r01
vulkan-protex-2015.09.24.r01-base
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"21031935878858951913416298586072437731",
"184280298973286500260326107981170683022",
"227604961755013890913276013896056655807",
"298902272480603942530679806275904005723"
]
},
"id": "CVE-2019-5068-264b9e69",
"target": {
"file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c"
}
},
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"261953367349776503054253862037111498413",
"116667155956020564493198761042814679808",
"96505939772392929618395239514449680247",
"105648963479573839190880468283030598731",
"34958545042316192794853523886036023836"
]
},
"id": "CVE-2019-5068-28199632",
"target": {
"file": "src/mesa/drivers/x11/xm_buffer.c"
}
},
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"86152022769647049473691255526554010388",
"101868295578463993546910883248190435361",
"228878768313779073891326267432736084300",
"134544723262417494627852244077955446339"
]
},
"id": "CVE-2019-5068-35a78ea4",
"target": {
"file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c"
}
},
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "290279759643506509008372020186169818897",
"length": 351.0
},
"id": "CVE-2019-5068-35c5eb8e",
"target": {
"function": "alloc_shm",
"file": "src/gallium/winsys/sw/dri/dri_sw_winsys.c"
}
},
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "316994832581475439660373376115781375927",
"length": 2838.0
},
"id": "CVE-2019-5068-67891280",
"target": {
"function": "alloc_back_shm_ximage",
"file": "src/mesa/drivers/x11/xm_buffer.c"
}
},
{
"signature_version": "v1",
"source": "https://gitlab.freedesktop.org/mesa/mesa@02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "212862945932981495206777118466091392205",
"length": 547.0
},
"id": "CVE-2019-5068-f896eccb",
"target": {
"function": "alloc_shm",
"file": "src/gallium/winsys/sw/xlib/xlib_sw_winsys.c"
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5068.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.10"
}
]
}
]