CVE-2023-45913

Published: March 28, 2024Last modified: June 17, 2025

Description

Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.

Severity score breakdown

Parameter	Value
Base score	6.2
Attack Vector	LOCAL
Attack complexity	LOW
Privileges required	NONE
User interaction	NONE
Scope	UNCHANGED
Confidentiality	NONE
Integrity impact	NONE
Availability impact	HIGH
Vector	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	mesa	Unknown (22.2.4-r0)
Alpaquita Linux	Stream	mesa	Unknown (23.1.3-r4)

References

http://packetstormsecurity.com/files/176800/Mesa-23.0.4-Null-Pointer.html
http://seclists.org/fulldisclosure/2024/Jan/28
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856
https://seclists.org/fulldisclosure/2024/Jan/71