=========================================================================Ubuntu Security Notice USN-4271-1
February 06, 2020

mesa vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10
- Ubuntu 18.04 LTS

Summary:

Mesa could be made to expose sensitive information.

Software Description:
- mesa: free implementation of the EGL API

Details:

Tim Brown discovered that Mesa incorrectly handled shared memory
permissions. A local attacker could use this issue to obtain and possibly
alter sensitive information belonging to another user.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  libd3dadapter9-mesa             19.2.8-0ubuntu0~19.10.2
  libegl-mesa0                    19.2.8-0ubuntu0~19.10.2
  libegl1-mesa                    19.2.8-0ubuntu0~19.10.2
  libgbm1                         19.2.8-0ubuntu0~19.10.2
  libgl1-mesa-dri                 19.2.8-0ubuntu0~19.10.2
  libgl1-mesa-glx                 19.2.8-0ubuntu0~19.10.2
  libglapi-mesa                   19.2.8-0ubuntu0~19.10.2
  libgles2-mesa                   19.2.8-0ubuntu0~19.10.2
  libglx-mesa0                    19.2.8-0ubuntu0~19.10.2
  libosmesa6                      19.2.8-0ubuntu0~19.10.2
  libwayland-egl1-mesa            19.2.8-0ubuntu0~19.10.2
  libxatracker2                   19.2.8-0ubuntu0~19.10.2
  mesa-opencl-icd                 19.2.8-0ubuntu0~19.10.2
  mesa-va-drivers                 19.2.8-0ubuntu0~19.10.2
  mesa-vdpau-drivers              19.2.8-0ubuntu0~19.10.2
  mesa-vulkan-drivers             19.2.8-0ubuntu0~19.10.2

Ubuntu 18.04 LTS:
  libd3dadapter9-mesa             19.2.8-0ubuntu0~18.04.2
  libegl-mesa0                    19.2.8-0ubuntu0~18.04.2
  libegl1-mesa                    19.2.8-0ubuntu0~18.04.2
  libgbm1                         19.2.8-0ubuntu0~18.04.2
  libgl1-mesa-dri                 19.2.8-0ubuntu0~18.04.2
  libgl1-mesa-glx                 19.2.8-0ubuntu0~18.04.2
  libglapi-mesa                   19.2.8-0ubuntu0~18.04.2
  libgles2-mesa                   19.2.8-0ubuntu0~18.04.2
  libglx-mesa0                    19.2.8-0ubuntu0~18.04.2
  libosmesa6                      19.2.8-0ubuntu0~18.04.2
  libwayland-egl1-mesa            19.2.8-0ubuntu0~18.04.2
  libxatracker2                   19.2.8-0ubuntu0~18.04.2
  mesa-opencl-icd                 19.2.8-0ubuntu0~18.04.2
  mesa-va-drivers                 19.2.8-0ubuntu0~18.04.2
  mesa-vdpau-drivers              19.2.8-0ubuntu0~18.04.2
  mesa-vulkan-drivers             19.2.8-0ubuntu0~18.04.2

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4271-1
  CVE-2019-5068

Package Information:
  https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~19.10.2
  https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~18.04.2

Ubuntu 4271-1: Mesa vulnerability

February 6, 2020
Mesa could be made to expose sensitive information.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libd3dadapter9-mesa 19.2.8-0ubuntu0~19.10.2 libegl-mesa0 19.2.8-0ubuntu0~19.10.2 libegl1-mesa 19.2.8-0ubuntu0~19.10.2 libgbm1 19.2.8-0ubuntu0~19.10.2 libgl1-mesa-dri 19.2.8-0ubuntu0~19.10.2 libgl1-mesa-glx 19.2.8-0ubuntu0~19.10.2 libglapi-mesa 19.2.8-0ubuntu0~19.10.2 libgles2-mesa 19.2.8-0ubuntu0~19.10.2 libglx-mesa0 19.2.8-0ubuntu0~19.10.2 libosmesa6 19.2.8-0ubuntu0~19.10.2 libwayland-egl1-mesa 19.2.8-0ubuntu0~19.10.2 libxatracker2 19.2.8-0ubuntu0~19.10.2 mesa-opencl-icd 19.2.8-0ubuntu0~19.10.2 mesa-va-drivers 19.2.8-0ubuntu0~19.10.2 mesa-vdpau-drivers 19.2.8-0ubuntu0~19.10.2 mesa-vulkan-drivers 19.2.8-0ubuntu0~19.10.2 Ubuntu 18.04 LTS: libd3dadapter9-mesa 19.2.8-0ubuntu0~18.04.2 libegl-mesa0 19.2.8-0ubuntu0~18.04.2 libegl1-mesa 19.2.8-0ubuntu0~18.04.2 libgbm1 19.2.8-0ubuntu0~18.04.2 libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.2 libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.2 libglapi-mesa 19.2.8-0ubuntu0~18.04.2 libgles2-mesa 19.2.8-0ubuntu0~18.04.2 libglx-mesa0 19.2.8-0ubuntu0~18.04.2 libosmesa6 19.2.8-0ubuntu0~18.04.2 libwayland-egl1-mesa 19.2.8-0ubuntu0~18.04.2 libxatracker2 19.2.8-0ubuntu0~18.04.2 mesa-opencl-icd 19.2.8-0ubuntu0~18.04.2 mesa-va-drivers 19.2.8-0ubuntu0~18.04.2 mesa-vdpau-drivers 19.2.8-0ubuntu0~18.04.2 mesa-vulkan-drivers 19.2.8-0ubuntu0~18.04.2 After a standard system update you need to restart your session to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4271-1

CVE-2019-5068

Severity
February 06, 2020

Package Information

https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~19.10.2 https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~18.04.2

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo