CVE-2013-1993

Publication date 23 May 2013

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mesa	13.04 raring	Fixed 9.1.3-0ubuntu0.3
	12.10 quantal	Fixed 9.0.3-0ubuntu0.2
	12.04 LTS precise	Fixed 8.0.4-0ubuntu0.6
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
mesa	Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=2e5a268f18be30df15aed0b44b01a18a37fb5df4 Upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=306f630e676eb901789dd09a0f30d7e7fa941ebe

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1888-1
Mesa vulnerabilities
20 June 2013

Other references

http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
http://www.debian.org/security/2013/dsa-2678
https://www.cve.org/CVERecord?id=CVE-2013-1993