CVE-2023-45913 - Vulnerability Details - OpenCVE

Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mesa3d	Mesa

Configuration 1 [-]

cpe:2.3:a:mesa3d:mesa:23.0.4:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Jan/28
https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856
https://seclists.org/fulldisclosure/2024/Jan/71

History

Thu, 29 May 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mesa3d Mesa3d mesa
CPEs		cpe:2.3:a:mesa3d:mesa:23.0.4:::::::*
Vendors & Products		Mesa3d Mesa3d mesa

Thu, 07 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476
Metrics		cvssV3_1 `{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-03-27T00:00:00

Updated: 2024-11-07T11:12:11.352Z

Reserved: 2023-10-16T00:00:00

Link: CVE-2023-45913

Vulnrichment

Updated: 2024-08-02T20:29:32.583Z

NVD

Status : Analyzed

Published: 2024-03-27T04:15:10.590

Modified: 2025-05-29T15:31:20.253

Link: CVE-2023-45913

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-45913", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-11-07T11:12:11.352Z", "dateReserved": "2023-10-16T00:00:00", "datePublished": "2024-03-27T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-27T04:05:12.875935"}, "descriptions": [{"lang": "en", "value": "Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated."}], "tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856"}, {"name": "20240126 Null pointer deference in freedesktop mesa", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2024/Jan/28"}, {"url": "https://seclists.org/fulldisclosure/2024/Jan/71"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.583Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856", "tags": ["x_transferred"]}, {"name": "20240126 Null pointer deference in freedesktop mesa", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2024/Jan/28"}, {"url": "https://seclists.org/fulldisclosure/2024/Jan/71", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-19T18:27:43.030995Z", "id": "CVE-2023-45913", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T11:12:11.352Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/28", "name": "20240126 Null pointer deference in freedesktop mesa", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://seclists.org/fulldisclosure/2024/Jan/71", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.583Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-45913", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-19T18:27:43.030995Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-19T18:18:03.701Z"}}], "cna": {"tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/28", "name": "20240126 Null pointer deference in freedesktop mesa", "tags": ["mailing-list"]}, {"url": "https://seclists.org/fulldisclosure/2024/Jan/71"}], "descriptions": [{"lang": "en", "value": "Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-27T04:05:12.875935"}}}, "cveMetadata": {"cveId": "CVE-2023-45913", "state": "PUBLISHED", "dateUpdated": "2024-11-07T11:12:11.352Z", "dateReserved": "2023-10-16T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-03-27T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mesa3d:mesa:23.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "BB4E18DD-7D05-4817-9F53-B83668D37872", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated."}, {"lang": "es", "value": "Se descubri\u00f3 que Mesa v23.0.4 conten\u00eda una desreferencia de puntero NULL mediante la funci\u00f3n dri2GetGlxDrawableFromXDrawableId(). Esta vulnerabilidad se activa cuando el servidor X11 env\u00eda un evento DRI2_BufferSwapComplete inesperadamente cuando la aplicaci\u00f3n usa DRI3. NOTA: esto est\u00e1 en disputa porque no existe ning\u00fan escenario en el que se demuestre la vulnerabilidad."}], "id": "CVE-2023-45913", "lastModified": "2025-05-29T15:31:20.253", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-27T04:15:10.590", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jan/28"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/fulldisclosure/2024/Jan/71"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2024/Jan/28"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/fulldisclosure/2024/Jan/71"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}