{"containers":{"cna":{"affected":[{"product":"Mesa 3D X11 Graphics library","vendor":"n/a","versions":[{"status":"affected","version":"19.1.2"}]}],"descriptions":[{"lang":"en","value":"An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","version":"3.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-277","description":"CWE-277: Insecure Inherited Permissions","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-04-19T17:33:45.000Z","orgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","shortName":"talos"},"references":[{"name":"[debian-lts-announce] 20191115 [SECURITY] [DLA 1993-1] mesa security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html"},{"name":"openSUSE-SU-2020:0084","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html"},{"name":"USN-4271-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4271-1/"},{"tags":["x_refsource_MISC"],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857"},{"tags":["x_refsource_MISC"],"url":"https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html"},{"tags":["x_refsource_MISC"],"url":"https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"talos-cna@cisco.com","ID":"CVE-2019-5068","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Mesa 3D X11 Graphics library","version":{"version_data":[{"version_value":"19.1.2"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability."}]},"impact":{"cvss":{"baseScore":5.1,"baseSeverity":"Medium","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-277: Insecure Inherited Permissions"}]}]},"references":{"reference_data":[{"name":"[debian-lts-announce] 20191115 [SECURITY] [DLA 1993-1] mesa security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html"},{"name":"openSUSE-SU-2020:0084","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html"},{"name":"USN-4271-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4271-1/"},{"name":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857","refsource":"MISC","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857"},{"name":"https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html","refsource":"MISC","url":"https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html"},{"name":"https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc","refsource":"MISC","url":"https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T19:47:56.664Z"},"title":"CVE Program Container","references":[{"name":"[debian-lts-announce] 20191115 [SECURITY] [DLA 1993-1] mesa security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html"},{"name":"openSUSE-SU-2020:0084","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html"},{"name":"USN-4271-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4271-1/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc"}]}]},"cveMetadata":{"assignerOrgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","assignerShortName":"talos","cveId":"CVE-2019-5068","datePublished":"2019-11-05T21:11:55.000Z","dateReserved":"2019-01-04T00:00:00.000Z","dateUpdated":"2024-08-04T19:47:56.664Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}