CVE-2013-1872

Name of the Vulnerable Software and Affected Versions Mesa versions 8.0.x through 9.0.x libvdpau r600-debuginfo (affected versions not specified) libvdpau r600-32bit (affected versions not specified) libXvMC r300-debuginfo (affected versions not specified) Mesa-libEGL1-debuginfo-32bit (affected versions not specified) libOSMesa8 (affected versions not specified) libXvMC r600-debuginfo (affected versions not specified) Mesa-libEGL-devel (affected versions not specified) Mesa-libglapi0-32bit (affected versions not specified) Mesa-libGLU1-debuginfo-32bit (affected versions not specified) mesa-libGLU-9.0 (affected versions not specified) libXvMC softpipe-debuginfo-32bit (affected versions not specified) Mesa-libglapi0-debuginfo (affected versions not specified) mesa-libGLU-devel-9.0 (affected versions not specified) Mesa-debuginfo-32bit (affected versions not specified) libXvMC r600-debuginfo-32bit (affected versions not specified) libOSMesa9-32bit (affected versions not specified) mesa-libGL-9.0 (affected versions not specified) mesa-libOSMesa-devel-9.0 (affected versions not specified) libgbm1-debuginfo-32bit (affected versions not specified) Mesa-libIndirectGL-devel (affected versions not specified) libvdpau r300-debuginfo (affected versions not specified) Mesa-debuginfo (affected versions not specified) Mesa-libGLESv2-devel-32bit (affected versions not specified) Mesa-libGLU-devel (affected versions not specified) Mesa-devel (affected versions not specified) libxatracker-devel (affected versions not specified) libXvMC nouveau-debuginfo (affected versions not specified) libgbm-devel (affected versions not specified) libxatracker1 (affected versions not specified) mesa-dri-filesystem-9.0 (affected versions not specified) mesa-libGL-devel-9.0 (affected versions not specified) Mesa-libGLU1 (affected versions not specified) Mesa-libGL-devel (affected versions not specified) libgbm-devel-32bit (affected versions not specified) mesa-libGL-devel-9.0 (affected versions not specified) Mesa-32bit (affected versions not specified) Mesa-libGLESv1 CM1-debuginfo (affected versions not specified) Mesa-libGLESv1 CM1-debuginfo-32bit (affected versions not specified) libvdpau r300-debuginfo-32bit (affected versions not specified) libXvMC r300-debuginfo-32bit (affected versions not specified) libXvMC r600 (affected versions not specified) libgbm1-debuginfo (affected versions not specified) libOSMesa9-debuginfo-32bit (affected versions not specified) libvdpau r300 (affected versions not specified) Mesa-libEGL1-32bit (affected versions not specified) mesa-demos-9.0 (affected versions not specified) libvdpau nouveau-debuginfo-32bit (affected versions not specified) Mesa-libIndirectGL1-32bit (affected versions not specified) mesa-debuginfo-9.0 (affected versions not specified) Mesa-libGL1-32bit (affected versions not specified) Mesa-libglapi-devel (affected versions not specified) libOSMesa-devel (affected versions not specified) libvdpau softpipe-debuginfo-32bit (affected versions not specified) Mesa-libGLESv1 CM-devel (affected versions not specified) mesa-demos-9.0 (affected versions not specified) libvdpau nouveau-debuginfo (affected versions not specified) Mesa-libGL-devel-32bit (affected versions not specified) libvdpau softpipe-debuginfo (affected versions not specified) mesa-libGLU-9.0 (affected versions not specified) Mesa-libglapi0 (affected versions not specified) mesa-libGLU-devel-9.0 (affected versions not specified) libXvMC nouveau (affected versions not specified) Mesa (affected versions not specified) Mesa-libEGL1-debuginfo (affected versions not specified) libXvMC r600-32bit (affected versions not specified) mesa-dri-drivers-9.0 (affected versions not specified) Mesa-libGLESv1 CM-devel-32bit (affected versions not specified) libXvMC softpipe (affected versions not specified) Mesa-libEGL-devel-32bit (affected versions not specified) libOSMesa-devel-32bit (affected versions not specified) Mesa-libIndirectGL1 (affected versions not specified) Mesa-libGL1 (affected versions not specified) Mesa-32bit (affected versions not specified) libXvMC r300 (affected versions not specified) Mesa-libGLU-devel-32bit (affected versions not specified) Mesa-libGLESv2-2 (affected versions not specified) libXvMC softpipe-32bit (affected versions not specified) libvdpau r600-debuginfo-32bit (affected versions not specified) Mesa-libIndirectGL-devel-32bit (affected versions not specified) libXvMC softpipe-debuginfo (affected versions not specified) Mesa-libGLESv2-2-debuginfo (affected versions not specified) libgbm1 (affected versions not specified) Mesa-libGLESv2-2-debuginfo-32bit (affected versions not specified) libOSMesa9-debuginfo (affected versions not specified) libOSMesa8-debuginfo (affected versions not specified) libvdpau nouveau (affected versions not specified) libvdpau r600 (affected versions not specified) Mesa-devel (affected versions not specified) mesa-libOSMesa-devel-9.0 (affected versions not specified) Mesa-libIndirectGL1-debuginfo (affected versions not specified) Mesa-libGLESv1 CM1-32bit (affected versions not specified) Mesa-libglapi0-debuginfo-32bit (affected versions not specified) libvdpau nouveau-32bit (affected versions not specified) Mesa-libGLESv2-2-32bit (affected versions not specified) Mesa-libGL1-debuginfo (affected versions not specified) libvdpau softpipe-32bit (affected versions not specified) Mesa-libGLESv2-devel (affected versions not specified) mesa-dri-filesystem-9.0 (affected versions not specified) libxatracker1-debuginfo (affected versions not specified) libXvMC r300-32bit (affected versions not specified) libXvMC nouveau-debuginfo-32bit (affected versions not specified) mesa-dri-drivers-9.0 (affected versions not specified) libgbm1-32bit (affected versions not specified) mesa-debuginfo-9.0 (affected versions not specified)

Description The vulnerability allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs visitor::remove dead constants function. The vulnerability can be exploited remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.