CVE-2023-45913

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Mesa version 23.0.4

Description A NULL pointer dereference was discovered in Mesa via the function dri2GetGlxDrawableFromXDrawableId(). This issue is triggered when the X11 server sends a DRI2 BufferSwapComplete event unexpectedly while the application is using DRI3. It is noted that the vulnerability is disputed as there is no demonstrated scenario.

Recommendations For Mesa version 23.0.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2023-45913

ECHO-AD9E-483B-55EE

OPENSUSE-SU-2024:14475-1

OPENSUSE-SU-2024_3540-1

OPENSUSE-SU-2024_3544-1

OPENSUSE-SU-2024_3548-1

SUSE-SU-2024:3526-1

SUSE-SU-2024:3540-1

SUSE-SU-2024:3544-1

SUSE-SU-2024:3548-1

SUSE-SU-2024_3526-1

SUSE-SU-2024_3540-1

SUSE-SU-2024_3544-1

SUSE-SU-2024_3548-1

SUSE-SU-2025:02803-1

SUSE-SU-2025:20082-1

SUSE-SU-2025:20664-1

Affected Products

Debian

Mesa

Suse

CVE-2023-45913

Weakness Enumeration

Related Identifiers

Affected Products

References · 38