SUSE-SU-2024:3548-1

Опубликовано: 08 окт. 2024

Источник: suse-cvrf

Описание

Security update for Mesa

This update for Mesa fixes the following issues:

CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040)
CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041)
CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#1222042)

Список пакетов

Image SLES15-SP5-Hardened-BYOS-Azure

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-EC2

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-GCE

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Azure-3P

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Azure-LI-BYOS

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-BYOS-Azure

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-BYOS-EC2

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-BYOS-GCE

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Hardened-Azure

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAP-Hardened-GCE

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAPCAL-Azure

Mesa-22.3.5-150500.77.5.1

Mesa-KHR-devel-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL-devel-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL-devel-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAPCAL-EC2

Mesa-22.3.5-150500.77.5.1

Mesa-KHR-devel-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL-devel-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL-devel-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Image SLES15-SP5-SAPCAL-GCE

Mesa-22.3.5-150500.77.5.1

Mesa-KHR-devel-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL-devel-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL-devel-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

SUSE Linux Enterprise Micro 5.5

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

SUSE Linux Enterprise Module for Basesystem 15 SP5

Mesa-22.3.5-150500.77.5.1

Mesa-32bit-22.3.5-150500.77.5.1

Mesa-KHR-devel-22.3.5-150500.77.5.1

Mesa-devel-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-dri-32bit-22.3.5-150500.77.5.1

Mesa-dri-devel-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-gallium-32bit-22.3.5-150500.77.5.1

Mesa-libEGL-devel-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libEGL1-32bit-22.3.5-150500.77.5.1

Mesa-libGL-devel-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libGL1-32bit-22.3.5-150500.77.5.1

Mesa-libGLESv1_CM-devel-22.3.5-150500.77.5.1

Mesa-libGLESv2-devel-22.3.5-150500.77.5.1

Mesa-libGLESv3-devel-22.3.5-150500.77.5.1

Mesa-libd3d-22.3.5-150500.77.5.1

Mesa-libd3d-devel-22.3.5-150500.77.5.1

Mesa-libglapi-devel-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

Mesa-libglapi0-32bit-22.3.5-150500.77.5.1

Mesa-libva-22.3.5-150500.77.5.1

Mesa-vulkan-device-select-22.3.5-150500.77.5.1

Mesa-vulkan-overlay-22.3.5-150500.77.5.1

libOSMesa-devel-22.3.5-150500.77.5.1

libOSMesa8-22.3.5-150500.77.5.1

libgbm-devel-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

libgbm1-32bit-22.3.5-150500.77.5.1

libvdpau_r300-22.3.5-150500.77.5.1

libvdpau_r600-22.3.5-150500.77.5.1

libvdpau_radeonsi-22.3.5-150500.77.5.1

libvdpau_virtio_gpu-22.3.5-150500.77.5.1

libvulkan_intel-22.3.5-150500.77.5.1

libvulkan_lvp-22.3.5-150500.77.5.1

libvulkan_radeon-22.3.5-150500.77.5.1

libxatracker-devel-1.0.0-150500.77.5.1

libxatracker2-1.0.0-150500.77.5.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

libvdpau_r300-22.3.5-150500.77.5.1

SUSE Linux Enterprise Module for Package Hub 15 SP5

libOSMesa8-32bit-22.3.5-150500.77.5.1

SUSE Linux Enterprise Module for Package Hub 15 SP6

Mesa-vulkan-device-select-32bit-22.3.5-150500.77.5.1

libvulkan_intel-32bit-22.3.5-150500.77.5.1

libvulkan_radeon-32bit-22.3.5-150500.77.5.1

SUSE Linux Enterprise Workstation Extension 15 SP5

Mesa-dri-nouveau-22.3.5-150500.77.5.1

libvdpau_nouveau-22.3.5-150500.77.5.1

openSUSE Leap 15.5

Mesa-22.3.5-150500.77.5.1

Mesa-32bit-22.3.5-150500.77.5.1

Mesa-KHR-devel-22.3.5-150500.77.5.1

Mesa-devel-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-dri-32bit-22.3.5-150500.77.5.1

Mesa-dri-devel-22.3.5-150500.77.5.1

Mesa-dri-nouveau-22.3.5-150500.77.5.1

Mesa-dri-nouveau-32bit-22.3.5-150500.77.5.1

Mesa-dri-vc4-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-gallium-32bit-22.3.5-150500.77.5.1

Mesa-libEGL-devel-22.3.5-150500.77.5.1

Mesa-libEGL-devel-32bit-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libEGL1-32bit-22.3.5-150500.77.5.1

Mesa-libGL-devel-22.3.5-150500.77.5.1

Mesa-libGL-devel-32bit-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libGL1-32bit-22.3.5-150500.77.5.1

Mesa-libGLESv1_CM-devel-22.3.5-150500.77.5.1

Mesa-libGLESv1_CM-devel-32bit-22.3.5-150500.77.5.1

Mesa-libGLESv2-devel-22.3.5-150500.77.5.1

Mesa-libGLESv2-devel-32bit-22.3.5-150500.77.5.1

Mesa-libGLESv3-devel-22.3.5-150500.77.5.1

Mesa-libOpenCL-22.3.5-150500.77.5.1

Mesa-libd3d-22.3.5-150500.77.5.1

Mesa-libd3d-32bit-22.3.5-150500.77.5.1

Mesa-libd3d-devel-22.3.5-150500.77.5.1

Mesa-libd3d-devel-32bit-22.3.5-150500.77.5.1

Mesa-libglapi-devel-22.3.5-150500.77.5.1

Mesa-libglapi-devel-32bit-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

Mesa-libglapi0-32bit-22.3.5-150500.77.5.1

Mesa-libva-22.3.5-150500.77.5.1

Mesa-vulkan-device-select-22.3.5-150500.77.5.1

Mesa-vulkan-device-select-32bit-22.3.5-150500.77.5.1

Mesa-vulkan-overlay-22.3.5-150500.77.5.1

Mesa-vulkan-overlay-32bit-22.3.5-150500.77.5.1

libOSMesa-devel-22.3.5-150500.77.5.1

libOSMesa-devel-32bit-22.3.5-150500.77.5.1

libOSMesa8-22.3.5-150500.77.5.1

libOSMesa8-32bit-22.3.5-150500.77.5.1

libgbm-devel-22.3.5-150500.77.5.1

libgbm-devel-32bit-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

libgbm1-32bit-22.3.5-150500.77.5.1

libvdpau_nouveau-22.3.5-150500.77.5.1

libvdpau_nouveau-32bit-22.3.5-150500.77.5.1

libvdpau_r300-22.3.5-150500.77.5.1

libvdpau_r300-32bit-22.3.5-150500.77.5.1

libvdpau_r600-22.3.5-150500.77.5.1

libvdpau_r600-32bit-22.3.5-150500.77.5.1

libvdpau_radeonsi-22.3.5-150500.77.5.1

libvdpau_radeonsi-32bit-22.3.5-150500.77.5.1

libvdpau_virtio_gpu-22.3.5-150500.77.5.1

libvdpau_virtio_gpu-32bit-22.3.5-150500.77.5.1

libvulkan_broadcom-22.3.5-150500.77.5.1

libvulkan_freedreno-22.3.5-150500.77.5.1

libvulkan_intel-22.3.5-150500.77.5.1

libvulkan_intel-32bit-22.3.5-150500.77.5.1

libvulkan_lvp-22.3.5-150500.77.5.1

libvulkan_radeon-22.3.5-150500.77.5.1

libvulkan_radeon-32bit-22.3.5-150500.77.5.1

libxatracker-devel-1.0.0-150500.77.5.1

libxatracker2-1.0.0-150500.77.5.1

openSUSE Leap Micro 5.5

Mesa-22.3.5-150500.77.5.1

Mesa-dri-22.3.5-150500.77.5.1

Mesa-gallium-22.3.5-150500.77.5.1

Mesa-libEGL1-22.3.5-150500.77.5.1

Mesa-libGL1-22.3.5-150500.77.5.1

Mesa-libglapi0-22.3.5-150500.77.5.1

libgbm1-22.3.5-150500.77.5.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243548-1/
Link for SUSE-SU-2024:3548-1
https://lists.suse.com/pipermail/sle-updates/2024-October/037166.html
E-Mail link for SUSE-SU-2024:3548-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1222040
SUSE Bug 1222040
https://bugzilla.suse.com/1222041
SUSE Bug 1222041
https://bugzilla.suse.com/1222042
SUSE Bug 1222042
https://www.suse.com/security/cve/CVE-2023-45913/
SUSE CVE CVE-2023-45913 page
https://www.suse.com/security/cve/CVE-2023-45919/
SUSE CVE CVE-2023-45919 page
https://www.suse.com/security/cve/CVE-2023-45922/
SUSE CVE CVE-2023-45922 page

Описание

** DISPUTED ** Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.

Затронутые продукты

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-dri-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-gallium-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-libEGL1-22.3.5-150500.77.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-45913.html
CVE-2023-45913
https://bugzilla.suse.com/1222040
SUSE Bug 1222040

Описание

** DISPUTED ** Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.

Затронутые продукты

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-dri-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-gallium-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-libEGL1-22.3.5-150500.77.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-45919.html
CVE-2023-45919
https://bugzilla.suse.com/1222041
SUSE Bug 1222041

Описание

** DISPUTED ** glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling __glXGetDrawableAttribute(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server.

Затронутые продукты

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-dri-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-gallium-22.3.5-150500.77.5.1

Image SLES15-SP5-Hardened-BYOS-Azure:Mesa-libEGL1-22.3.5-150500.77.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-45922.html
CVE-2023-45922
https://bugzilla.suse.com/1222042
SUSE Bug 1222042

SUSE-SU-2024:3548-1

Описание

Список пакетов

Image SLES15-SP5-Hardened-BYOS-Azure

Image SLES15-SP5-Hardened-BYOS-EC2

Image SLES15-SP5-Hardened-BYOS-GCE

Image SLES15-SP5-SAP-Azure-3P

Image SLES15-SP5-SAP-Azure-LI-BYOS

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

Image SLES15-SP5-SAP-Azure-VLI-BYOS

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP5-SAP-BYOS-Azure

Image SLES15-SP5-SAP-BYOS-EC2

Image SLES15-SP5-SAP-BYOS-GCE

Image SLES15-SP5-SAP-Hardened-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

Image SLES15-SP5-SAP-Hardened-GCE

Image SLES15-SP5-SAPCAL-Azure

Image SLES15-SP5-SAPCAL-EC2

Image SLES15-SP5-SAPCAL-GCE

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Module for Basesystem 15 SP5

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Package Hub 15 SP5

SUSE Linux Enterprise Module for Package Hub 15 SP6

SUSE Linux Enterprise Workstation Extension 15 SP5

openSUSE Leap 15.5

openSUSE Leap Micro 5.5

Ссылки

Уязвимость: CVE-2023-45913

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-45919

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-45922

Описание

Затронутые продукты

Ссылки