Bug#944298: mesa: CVE-2019-5068

To: 944298@bugs.debian.org
Subject: Bug#944298: mesa: CVE-2019-5068
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 14 Nov 2019 00:27:44 +0100
Message-id: <[🔎] 736dab50-85b4-0bd7-ec8b-15cab6dd8eba@beuc.net>
Reply-to: Sylvain Beucler <beuc@beuc.net>, 944298@bugs.debian.org
References: <[🔎] 157312997527.26591.18161631598791398303.reportbug@lorien.valinor.li>

Hi,

I backported and tried the patch for Debian LTS.
The patch is trivial (basically s/0777/0600/).

However, I could not find a way to reproduce the initial issue.
The only way to get those 0777 shm in `ipcs` is to run Kali specifically
in virt-manager or VirtualBox.
I could not reproduce this issue with Debian.
Any ideas?

(Also, upstream patch was reviewed/approved at last:)
https://lists.freedesktop.org/pipermail/mesa-dev/2019-November/223771.html

Cheers!
Sylvain

Reply to:

References:
- Bug#944298: mesa: CVE-2019-5068
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#909041: xorg: Xorg log filling up with (EE) modeset(0): Failed to get GBM bo for flip to new front.
Next by Date: Bug#944752: libdrm FTBFS on arm* due to dh_missing exynos_fimg2d_*
Previous by thread: Processed: mesa: CVE-2019-5068
Next by thread: [Git][xorg-team/lib/libinput] Pushed new tag libinput-1.14.3-1
Index(es):
- Date
- Thread