LAYER: meta
PACKAGE NAME: mesa
PACKAGE VERSION: 2_24.0.3
CVE: CVE-2001-0474
CVE STATUS: Patched
CVE SUMMARY: Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:N/I:P/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2001-0474

LAYER: meta
PACKAGE NAME: mesa
PACKAGE VERSION: 2_24.0.3
CVE: CVE-2013-1872
CVE STATUS: Patched
CVE SUMMARY: The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function.  NOTE: this issue might be related to CVE-2013-0796.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2013-1872

LAYER: meta
PACKAGE NAME: mesa
PACKAGE VERSION: 2_24.0.3
CVE: CVE-2013-1993
CVE STATUS: Patched
CVE SUMMARY: Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2013-1993

LAYER: meta
PACKAGE NAME: mesa
PACKAGE VERSION: 2_24.0.3
CVE: CVE-2019-5068
CVE STATUS: Patched
CVE SUMMARY: An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
CVSS v2 BASE SCORE: 3.6
CVSS v3 BASE SCORE: 5.1
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-5068