Описание
Security update for Mesa
This update for Mesa fixes the following issues:
- CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041).
- CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040).
- CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#CVE-2023-45922).
Список пакетов
Image SLES15-SP4-SAP
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-BYOS
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-BYOS-Azure
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-BYOS-EC2
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-BYOS-GCE
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-EC2
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-GCE
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-Azure
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-BYOS
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Hardened-GCE
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAPCAL
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAPCAL-Azure
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAPCAL-EC2
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAPCAL-GCE
Mesa-21.2.4-150400.68.15.1
Mesa-KHR-devel-21.2.4-150400.68.15.1
Mesa-dri-21.2.4-150400.68.15.1
Mesa-gallium-21.2.4-150400.68.15.1
Mesa-libEGL-devel-21.2.4-150400.68.15.1
Mesa-libEGL1-21.2.4-150400.68.15.1
Mesa-libGL-devel-21.2.4-150400.68.15.1
Mesa-libGL1-21.2.4-150400.68.15.1
Mesa-libglapi0-21.2.4-150400.68.15.1
libgbm1-21.2.4-150400.68.15.1
SUSE Linux Enterprise Micro 5.3
libgbm1-21.2.4-150400.68.15.1
SUSE Linux Enterprise Micro 5.4
libgbm1-21.2.4-150400.68.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
Mesa-libVulkan-devel-21.2.4-150400.68.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
Mesa-libVulkan-devel-21.2.4-150400.68.15.1
SUSE Linux Enterprise Workstation Extension 15 SP5
libXvMC_nouveau-21.2.4-150400.68.15.1
SUSE Linux Enterprise Workstation Extension 15 SP6
libXvMC_nouveau-21.2.4-150400.68.15.1
Ссылки
- Link for SUSE-SU-2024:3544-1
- E-Mail link for SUSE-SU-2024:3544-1
- SUSE Security Ratings
- SUSE Bug 1222040
- SUSE Bug 1222041
- SUSE Bug 1222042
- SUSE CVE CVE-2023-45913 page
- SUSE CVE CVE-2023-45919 page
- SUSE CVE CVE-2023-45922 page
Описание
** DISPUTED ** Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.
Затронутые продукты
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS:libgbm1-21.2.4-150400.68.15.1
Ссылки
- CVE-2023-45913
- SUSE Bug 1222040
Описание
** DISPUTED ** Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
Затронутые продукты
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS:libgbm1-21.2.4-150400.68.15.1
Ссылки
- CVE-2023-45919
- SUSE Bug 1222041
Описание
** DISPUTED ** glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling __glXGetDrawableAttribute(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.
Затронутые продукты
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-LI-BYOS:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production:libgbm1-21.2.4-150400.68.15.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS:libgbm1-21.2.4-150400.68.15.1
Ссылки
- CVE-2023-45922
- SUSE Bug 1222042