==========================================================================
Ubuntu Security Notice USN-4271-1
February 06, 2020
mesa vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 19.10
– Ubuntu 18.04 LTS
Summary:
Mesa could be made to expose sensitive information.
Software Description:
– mesa: free implementation of the EGL API
Details:
Tim Brown discovered that Mesa incorrectly handled shared memory
permissions. A local attacker could use this issue to obtain and possibly
alter sensitive information belonging to another user.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.10:
libd3dadapter9-mesa 19.2.8-0ubuntu0~19.10.2
libegl-mesa0 19.2.8-0ubuntu0~19.10.2
libegl1-mesa 19.2.8-0ubuntu0~19.10.2
libgbm1 19.2.8-0ubuntu0~19.10.2
libgl1-mesa-dri 19.2.8-0ubuntu0~19.10.2
libgl1-mesa-glx 19.2.8-0ubuntu0~19.10.2
libglapi-mesa 19.2.8-0ubuntu0~19.10.2
libgles2-mesa 19.2.8-0ubuntu0~19.10.2
libglx-mesa0 19.2.8-0ubuntu0~19.10.2
libosmesa6 19.2.8-0ubuntu0~19.10.2
libwayland-egl1-mesa 19.2.8-0ubuntu0~19.10.2
libxatracker2 19.2.8-0ubuntu0~19.10.2
mesa-opencl-icd 19.2.8-0ubuntu0~19.10.2
mesa-va-drivers 19.2.8-0ubuntu0~19.10.2
mesa-vdpau-drivers 19.2.8-0ubuntu0~19.10.2
mesa-vulkan-drivers 19.2.8-0ubuntu0~19.10.2
Ubuntu 18.04 LTS:
libd3dadapter9-mesa 19.2.8-0ubuntu0~18.04.2
libegl-mesa0 19.2.8-0ubuntu0~18.04.2
libegl1-mesa 19.2.8-0ubuntu0~18.04.2
libgbm1 19.2.8-0ubuntu0~18.04.2
libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.2
libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.2
libglapi-mesa 19.2.8-0ubuntu0~18.04.2
libgles2-mesa 19.2.8-0ubuntu0~18.04.2
libglx-mesa0 19.2.8-0ubuntu0~18.04.2
libosmesa6 19.2.8-0ubuntu0~18.04.2
libwayland-egl1-mesa 19.2.8-0ubuntu0~18.04.2
libxatracker2 19.2.8-0ubuntu0~18.04.2
mesa-opencl-icd 19.2.8-0ubuntu0~18.04.2
mesa-va-drivers 19.2.8-0ubuntu0~18.04.2
mesa-vdpau-drivers 19.2.8-0ubuntu0~18.04.2
mesa-vulkan-drivers 19.2.8-0ubuntu0~18.04.2
After a standard system update you need to restart your session to make
all the necessary changes.
References:
https://usn.ubuntu.com/4271-1
CVE-2019-5068
Package Information:
https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~19.10.2
https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~18.04.2
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl48JIMACgkQZWnYVadE
vpNhCw/+OWsVYMw/paJknDhuEGSNiXygTVmYTfF+rEvOfT8wKKv0bNtXAnaJdqLm
ky5wfy3ZTIOkYX8Xt5kbI6GVvuqOGNQQB2NHPJBXe+E82Dlfjbr5S+pvMcdtwI08
CbLvSjjWCEVwoI+z121y57wwg9JlcV7YNIDLtX12Nyiu4ZmK71P0Kokyubz6/alp
IbCWEyD/U8BDvwSKviP66U75mVZ9YY4/RS7ufWnf0nZFqtZG6bvtWkKAiHna4tpJ
fhFickD8cEcVbNF41ep8llZ11OzAIUS8rtSf8Q2+ZV5lyrDNFba+dlUHjiN8TcnR
9s8xxOCeZR0/NHgAewAh8b5PcJ84kN1uE2MhMkkdHGUo5r9Gmf1gWH+MNLPP4IBK
mOEP9cJLqnjWJdauVqenS0Yekk/E2KWmyY9blXTv3hXME+zqOcDd894RTR6qO04v
BPZokCVZ6nM0sLsT/KVwrUNfaDZEOVbpnrDq/0rQ64KKuA/DWbNxYbcGRG3mrdFp
Ged0JNiNn/JCvtHH84BMqtcKLycpbTg0ko9RFLipdw5q+XvLVUC/PkgoeNq2d2yS
6+sy4nh6VhHW9ulu8ESAzMW9Y/lI0iGHzni1m1vLILL8T75JPj52Dd9/nO+SSfzH
3n1jrcX5hjypfSB6lG5hJaQ6RdZuOGDjdNQY7W9mXB8Sbk3snBQ=
=do05
—–END PGP SIGNATURE—–
—