Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-1872

Published: 30 May 2013

The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.

Priority

Medium

Status

Package Release Status
mesa
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise
Released (8.0.4-0ubuntu0.6)
quantal
Released (9.0.3-0ubuntu0.2)
raring
Released (9.1.3-0ubuntu0.3)
upstream Needs triage

Patches:
upstream: http://lists.freedesktop.org/pipermail/mesa-dev/2013-May/040003.html
vendor: http://www.debian.org/security/2013/dsa-2704
upstream: http://cgit.freedesktop.org/mesa/mesa/commit/?id=0677ea063cd96adefe87c1fb01ef7c66d905535b