CVE-2013-1872

Publication date 30 May 2013

Last updated 24 July 2024

Ubuntu priority

The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mesa	13.04 raring	Fixed 9.1.3-0ubuntu0.3
	12.10 quantal	Fixed 9.0.3-0ubuntu0.2
	12.04 LTS precise	Fixed 8.0.4-0ubuntu0.6
	10.04 LTS lucid	Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
mesa	Upstream: http://lists.freedesktop.org/pipermail/mesa-dev/2013-May/040003.html Vendor: http://www.debian.org/security/2013/dsa-2704 Upstream: ?id=067

CVE-2013-1872

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references