DEBIAN-CVE-2023-45931

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-45931

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45931.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-45931

Upstream

CVE-2023-45931

Published

2024-03-27T04:15:11.250Z

Modified

2026-03-17T02:49:01.997708Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Mesa 23.0.4 was discovered to contain a NULL pointer dereference in checkxshm() for the haserror state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.

References

https://security-tracker.debian.org/tracker/CVE-2023-45931

Affected packages

Debian:11 / mesa

Package

Name: mesa
Purl: pkg:deb/debian/mesa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

20.*

20.3.5-1

21.*

21.0.0~rc2-1

21.0.0~rc3-1

21.0.0~rc4-1

21.0.0~rc5-1

21.0.0-1

21.0.1-1

21.0.1-2

21.0.2-1

21.1.0-1

21.1.0-2

21.1.0-3

21.1.0-4

21.1.2-1

21.1.4-1

21.1.6-1

21.2.0-1

21.2.1-1

21.2.1-2

21.2.2-1

21.2.2-1+riscv64

21.2.3-1

21.2.3-2

21.2.4-1

21.2.5-1

21.2.6-1

21.3.0~rc5-1

21.3.3-1

21.3.4-1

21.3.5-1

21.3.7-1

21.3.8-1

22.*

22.0.0~rc2-1

22.0.0-1

22.0.1-1

22.0.1-2

22.0.2-1

22.0.3-1

22.0.4-1

22.0.5-1

22.1.0~rc3-1

22.1.0~rc5-1

22.1.0-1

22.1.3-1

22.1.5-1

22.2.0~rc1-1

22.2.0~rc2-1

22.2.0~rc3-1

22.2.0~rc3-1exp1

22.2.0~rc3-2

22.2.0-1

22.2.1-1

22.2.2-1

22.2.3-1

22.2.4-1

22.3.0~rc1-1

22.3.0~rc1-2

22.3.0~rc1-3

22.3.0~rc3-1

22.3.0~rc4-1

22.3.0-1

22.3.0-2

22.3.0-3

22.3.1-1

22.3.2-1

22.3.3-1

22.3.4-1

22.3.5-1

22.3.6-1

23.*

23.0.0~rc1-1

23.0.0~rc4-1

23.0.0-1

23.0.1-1

23.0.2-1

23.1.0~rc2-1

23.1.0~rc3-1

23.1.0-1

23.1.1-1

23.1.2-1

23.1.3-1

23.1.4-1

23.1.6-1

23.1.7-1

23.2.0~rc2-1

23.2.0~rc3-1

23.2.0~rc3-2

23.2.0~rc3-3

23.2.0~rc4-1

23.2.1-1

23.3.0~rc1-1

23.3.0~rc2-1

23.3.0~rc3-1

23.3.0~rc4-1

23.3.0~rc5-1

23.3.0-1

23.3.0-2

23.3.1-1

23.3.1-1+exp1

23.3.1-2

23.3.1-3

23.3.1-4

23.3.2-1

23.3.2-2

23.3.3-1

23.3.3-2

23.3.3-3

23.3.4-1

23.3.5-1

24.*

24.0.0~rc1-1

24.0.0~rc2-1

24.0.0~rc3-1

24.0.0-1

24.0.0-2

24.0.1-1

24.0.2-1

24.0.3-1

24.0.4-1

24.0.5-1

24.0.6-1

24.0.7-1

24.0.8-1

24.1.0~rc1-1

24.1.0~rc2-1

24.1.0~rc3-1

24.1.0-1

24.1.0-2

24.1.1-1

24.1.1-2

24.1.2-1

24.1.3-1

24.1.3-2

24.1.5-1

24.1.5-2

24.1.5-3

24.1.6-1

24.2.0~rc3-1

24.2.0~rc3-2

24.2.0~rc4-1

24.2.0-1

24.2.0-2

24.2.1-1

24.2.1-2

24.2.1-3

24.2.1-4

24.2.2-1~bpo12+1

24.2.2-1

24.2.2-1+exp1

24.2.3-1

24.2.3-1+x32

24.2.4-1~bpo12+1

24.2.4-1

24.2.6-1

24.2.7-1

24.2.8-1~bpo12+1

24.2.8-1

24.3.0~rc1-1

24.3.0~rc2-1

24.3.0-1

24.3.3-1

24.3.4-1

24.3.4-2

24.3.4-3

25.*

25.0.0~rc1-1

25.0.0~rc1-2

25.0.0~rc2-1

25.0.0~rc3-1

25.0.0-1

25.0.1-1

25.0.1-2

25.0.2-1

25.0.3-1

25.0.4-1~bpo12+1

25.0.4-1

25.0.5-1

25.0.5-2

25.0.7-1

25.0.7-2~bpo12+1

25.0.7-2

25.1.0-1

25.1.5-1

25.1.7-1

25.2.0-1

25.2.1-1

25.2.1-2

25.2.2-1

25.2.3-1~bpo13+1

25.2.3-1

25.2.4-1~bpo13+1

25.2.4-1~bpo13+2

25.2.4-1

25.2.5-1

25.2.6-1~bpo13+1

25.2.6-1

25.2.7-1

25.2.8-1

25.2.8-2

25.3.0~rc1-1

25.3.0~rc2-1

25.3.0~rc4-1

25.3.0-1

25.3.1-1

25.3.2-1

25.3.2-2

25.3.3-1

26.*

26.0.0~rc3-1

26.0.0-1

26.0.1-1

26.0.1-2

26.0.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45931.json"

Debian:12 / mesa

Package

Name: mesa
Purl: pkg:deb/debian/mesa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.3.6-1+deb12u1

23.*

23.0.0~rc1-1

23.0.0~rc4-1

23.0.0-1

23.0.1-1

23.0.2-1

23.1.0~rc2-1

23.1.0~rc3-1

23.1.0-1

23.1.1-1

23.1.2-1

23.1.3-1

23.1.4-1

23.1.6-1

23.1.7-1

23.2.0~rc2-1

23.2.0~rc3-1

23.2.0~rc3-2

23.2.0~rc3-3

23.2.0~rc4-1

23.2.1-1

23.3.0~rc1-1

23.3.0~rc2-1

23.3.0~rc3-1

23.3.0~rc4-1

23.3.0~rc5-1

23.3.0-1

23.3.0-2

23.3.1-1

23.3.1-1+exp1

23.3.1-2

23.3.1-3

23.3.1-4

23.3.2-1

23.3.2-2

23.3.3-1

23.3.3-2

23.3.3-3

23.3.4-1

23.3.5-1

24.*

24.0.0~rc1-1

24.0.0~rc2-1

24.0.0~rc3-1

24.0.0-1

24.0.0-2

24.0.1-1

24.0.2-1

24.0.3-1

24.0.4-1

24.0.5-1

24.0.6-1

24.0.7-1

24.0.8-1

24.1.0~rc1-1

24.1.0~rc2-1

24.1.0~rc3-1

24.1.0-1

24.1.0-2

24.1.1-1

24.1.1-2

24.1.2-1

24.1.3-1

24.1.3-2

24.1.5-1

24.1.5-2

24.1.5-3

24.1.6-1

24.2.0~rc3-1

24.2.0~rc3-2

24.2.0~rc4-1

24.2.0-1

24.2.0-2

24.2.1-1

24.2.1-2

24.2.1-3

24.2.1-4

24.2.2-1~bpo12+1

24.2.2-1

24.2.2-1+exp1

24.2.3-1

24.2.3-1+x32

24.2.4-1~bpo12+1

24.2.4-1

24.2.6-1

24.2.7-1

24.2.8-1~bpo12+1

24.2.8-1

24.3.0~rc1-1

24.3.0~rc2-1

24.3.0-1

24.3.3-1

24.3.4-1

24.3.4-2

24.3.4-3

25.*

25.0.0~rc1-1

25.0.0~rc1-2

25.0.0~rc2-1

25.0.0~rc3-1

25.0.0-1

25.0.1-1

25.0.1-2

25.0.2-1

25.0.3-1

25.0.4-1~bpo12+1

25.0.4-1

25.0.5-1

25.0.5-2

25.0.7-1

25.0.7-2~bpo12+1

25.0.7-2

25.1.0-1

25.1.5-1

25.1.7-1

25.2.0-1

25.2.1-1

25.2.1-2

25.2.2-1

25.2.3-1~bpo13+1

25.2.3-1

25.2.4-1~bpo13+1

25.2.4-1~bpo13+2

25.2.4-1

25.2.5-1

25.2.6-1~bpo13+1

25.2.6-1

25.2.7-1

25.2.8-1

25.2.8-2

25.3.0~rc1-1

25.3.0~rc2-1

25.3.0~rc4-1

25.3.0-1

25.3.1-1

25.3.2-1

25.3.2-2

25.3.3-1

26.*

26.0.0~rc3-1

26.0.0-1

26.0.1-1

26.0.1-2

26.0.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45931.json"

Debian:13 / mesa

Package

Name: mesa
Purl: pkg:deb/debian/mesa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

25.*

25.0.7-2

25.1.0-1

25.1.5-1

25.1.7-1

25.2.0-1

25.2.1-1

25.2.1-2

25.2.2-1

25.2.3-1~bpo13+1

25.2.3-1

25.2.4-1~bpo13+1

25.2.4-1~bpo13+2

25.2.4-1

25.2.5-1

25.2.6-1~bpo13+1

25.2.6-1

25.2.7-1

25.2.8-1

25.2.8-2

25.3.0~rc1-1

25.3.0~rc2-1

25.3.0~rc4-1

25.3.0-1

25.3.1-1

25.3.2-1

25.3.2-2

25.3.3-1

26.*

26.0.0~rc3-1

26.0.0-1

26.0.1-1

26.0.1-2

26.0.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45931.json"

Debian:14 / mesa

Package

Name: mesa
Purl: pkg:deb/debian/mesa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

25.*

25.0.7-2

25.1.0-1

25.1.5-1

25.1.7-1

25.2.0-1

25.2.1-1

25.2.1-2

25.2.2-1

25.2.3-1~bpo13+1

25.2.3-1

25.2.4-1~bpo13+1

25.2.4-1~bpo13+2

25.2.4-1

25.2.5-1

25.2.6-1~bpo13+1

25.2.6-1

25.2.7-1

25.2.8-1

25.2.8-2

25.3.0~rc1-1

25.3.0~rc2-1

25.3.0~rc4-1

25.3.0-1

25.3.1-1

25.3.2-1

25.3.2-2

25.3.3-1

26.*

26.0.0~rc3-1

26.0.0-1

26.0.1-1

26.0.1-2

26.0.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-45931.json"