CVE-2023-45919: Medium severity mesa vulnerability
Published Mar 27, 2024
·Updated
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
Affected Software
2 affected components
Mesa3d Mesa=23.0.4
Mesa Mesa
Event History
Mar 27, 2024
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·05:15 AM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2023-45919?
CVE-2023-45919 has a disputed severity rating due to the lack of common scenarios requiring uninterrupted operation with an attacker-controlled server.
2
How do I fix CVE-2023-45919?
To fix CVE-2023-45919, users should upgrade to a patched version of Mesa when available.
3
What is the impact of CVE-2023-45919?
The impact of CVE-2023-45919 involves a buffer over-read, which can potentially lead to information disclosure.
4
Which software versions are affected by CVE-2023-45919?
CVE-2023-45919 affects Mesa version 23.0.4 and possibly earlier versions.
5
Is CVE-2023-45919 actively exploited?
As of now, there are no reports indicating that CVE-2023-45919 is actively exploited in the wild.