CVE-2023-45919
MEDIUMMesa 23.0.4 - Buffer Over-read in glXQueryServerString
Title source: llmDescription
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
References (3)
Core 3
Core References
Exploit, Vendor Advisory
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858
Exploit, Third Party Advisory
http://packetstormsecurity.com/files/176802/Mesa-23.0.4-Buffer-Overflow.html
Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2024/Jan/47
Scores
CVSS v3
5.3
EPSS
0.0039
EPSS Percentile
30.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-126
Status
published
Products (1)
mesa3d/mesa
23.0.4
Published
Mar 27, 2024
Tracked Since
Feb 18, 2026