Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Ubuntu 19.10 & 18.04 LTS: USN-4271-1 Critical Mesa Issue

ubuntu
Calendar Grey February 6, 2020
Dist Ubuntu Esm H88
A recent vulnerability in Mesa reveals confidential data from Ubuntu distributions. Urgent patches are now accessible. Discover more here.
Mesa could be made to expose sensitive information.

Summary

Mesa could be made to expose sensitive information.

Software Description:

- mesa: free implementation of the EGL API

Details:

Tim Brown discovered that Mesa incorrectly handled shared memory

permissions. A local attacker could use this issue to obtain and possibly

alter sensitive information belonging to another user.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  libd3dadapter9-mesa             19.2.8-0ubuntu0~19.10.2
  libegl-mesa0                    19.2.8-0ubuntu0~19.10.2
  libegl1-mesa                    19.2.8-0ubuntu0~19.10.2
  libgbm1                         19.2.8-0ubuntu0~19.10.2
  libgl1-mesa-dri                 19.2.8-0ubuntu0~19.10.2
  libgl1-mesa-glx                 19.2.8-0ubuntu0~19.10.2
  libglapi-mesa                   19.2.8-0ubuntu0~19.10.2
  libgles2-mesa                   19.2.8-0ubuntu0~19.10.2
  libglx-mesa0                    19.2.8-0ubuntu0~19.10.2
  libosmesa6                      19.2.8-0ubuntu0~19.10.2
  libwayland-egl1-mesa            19.2.8-0ubuntu0~19.10.2
  libxatracker2                   19.2.8-0ubuntu0~19.10.2
  mesa-opencl-icd                 19.2.8-0ubuntu0~19.10.2
  mesa-va-drivers                 19.2.8-0ubuntu0~19.10.2
  mesa-vdpau-drivers              19.2.8-0ubuntu0~19.10.2
  mesa-vulkan-drivers             19.2.8-0ubuntu0~19.10.2

Ubuntu 18.04 LTS:
  libd3dadapter9-mesa             19.2.8-0ubuntu0~18.04.2
  libegl-mesa0                    19.2.8-0ubuntu0~18.04.2
  libegl1-mesa                    19.2.8-0ubuntu0~18.04.2
  libgbm1                         19.2.8-0ubuntu0~18.04.2
  libgl1-mesa-dri                 19.2.8-0ubuntu0~18.04.2
  libgl1-mesa-glx                 19.2.8-0ubuntu0~18.04.2
  libglapi-mesa                   19.2.8-0ubuntu0~18.04.2
  libgles2-mesa                   19.2.8-0ubuntu0~18.04.2
  libglx-mesa0                    19.2.8-0ubuntu0~18.04.2
  libosmesa6                      19.2.8-0ubuntu0~18.04.2
  libwayland-egl1-mesa            19.2.8-0ubuntu0~18.04.2
  libxatracker2                   19.2.8-0ubuntu0~18.04.2
  mesa-opencl-icd                 19.2.8-0ubuntu0~18.04.2
  mesa-va-drivers                 19.2.8-0ubuntu0~18.04.2
  mesa-vdpau-drivers              19.2.8-0ubuntu0~18.04.2
  mesa-vulkan-drivers             19.2.8-0ubuntu0~18.04.2

After a standard system update you need to restart your session to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4271-1

CVE-2019-5068

Severity
critical
Lowest
Low
Medium
High
Critical

February 06, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here