Security update for Mesa SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02803-1 Final 1 1 2025-08-14T16:33:50Z current 2025-08-14T16:33:50Z 2025-08-14T16:33:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Mesa This update for Mesa fixes the following issues: - CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040) - CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041) - CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#1222042) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2803,SUSE-SUSE-MicroOS-5.2-2025-2803 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502803-1/ Link for SUSE-SU-2025:02803-1 https://lists.suse.com/pipermail/sle-updates/2025-August/041218.html E-Mail link for SUSE-SU-2025:02803-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1222040 SUSE Bug 1222040 https://bugzilla.suse.com/1222041 SUSE Bug 1222041 https://bugzilla.suse.com/1222042 SUSE Bug 1222042 https://www.suse.com/security/cve/CVE-2023-45913/ SUSE CVE CVE-2023-45913 page https://www.suse.com/security/cve/CVE-2023-45919/ SUSE CVE CVE-2023-45919 page https://www.suse.com/security/cve/CVE-2023-45922/ SUSE CVE CVE-2023-45922 page SUSE Linux Enterprise Micro 5.2 Mesa-20.2.4-150300.59.9.1 Mesa-32bit-20.2.4-150300.59.9.1 Mesa-64bit-20.2.4-150300.59.9.1 Mesa-KHR-devel-20.2.4-150300.59.9.1 Mesa-devel-20.2.4-150300.59.9.1 Mesa-dri-20.2.4-150300.59.9.1 Mesa-dri-32bit-20.2.4-150300.59.9.1 Mesa-dri-64bit-20.2.4-150300.59.9.1 Mesa-dri-devel-20.2.4-150300.59.9.1 Mesa-dri-nouveau-20.2.4-150300.59.9.1 Mesa-dri-nouveau-32bit-20.2.4-150300.59.9.1 Mesa-dri-nouveau-64bit-20.2.4-150300.59.9.1 Mesa-dri-vc4-20.2.4-150300.59.9.1 Mesa-dri-vc4-64bit-20.2.4-150300.59.9.1 Mesa-gallium-20.2.4-150300.59.9.1 Mesa-gallium-32bit-20.2.4-150300.59.9.1 Mesa-gallium-64bit-20.2.4-150300.59.9.1 Mesa-libEGL-devel-20.2.4-150300.59.9.1 Mesa-libEGL-devel-32bit-20.2.4-150300.59.9.1 Mesa-libEGL-devel-64bit-20.2.4-150300.59.9.1 Mesa-libEGL1-20.2.4-150300.59.9.1 Mesa-libEGL1-32bit-20.2.4-150300.59.9.1 Mesa-libEGL1-64bit-20.2.4-150300.59.9.1 Mesa-libGL-devel-20.2.4-150300.59.9.1 Mesa-libGL-devel-32bit-20.2.4-150300.59.9.1 Mesa-libGL-devel-64bit-20.2.4-150300.59.9.1 Mesa-libGL1-20.2.4-150300.59.9.1 Mesa-libGL1-32bit-20.2.4-150300.59.9.1 Mesa-libGL1-64bit-20.2.4-150300.59.9.1 Mesa-libGLESv1_CM-devel-20.2.4-150300.59.9.1 Mesa-libGLESv1_CM-devel-32bit-20.2.4-150300.59.9.1 Mesa-libGLESv1_CM-devel-64bit-20.2.4-150300.59.9.1 Mesa-libGLESv2-devel-20.2.4-150300.59.9.1 Mesa-libGLESv2-devel-32bit-20.2.4-150300.59.9.1 Mesa-libGLESv2-devel-64bit-20.2.4-150300.59.9.1 Mesa-libGLESv3-devel-20.2.4-150300.59.9.1 Mesa-libOpenCL-20.2.4-150300.59.9.1 Mesa-libVulkan-devel-20.2.4-150300.59.9.1 Mesa-libd3d-20.2.4-150300.59.9.1 Mesa-libd3d-32bit-20.2.4-150300.59.9.1 Mesa-libd3d-64bit-20.2.4-150300.59.9.1 Mesa-libd3d-devel-20.2.4-150300.59.9.1 Mesa-libd3d-devel-32bit-20.2.4-150300.59.9.1 Mesa-libd3d-devel-64bit-20.2.4-150300.59.9.1 Mesa-libglapi-devel-20.2.4-150300.59.9.1 Mesa-libglapi-devel-32bit-20.2.4-150300.59.9.1 Mesa-libglapi-devel-64bit-20.2.4-150300.59.9.1 Mesa-libglapi0-20.2.4-150300.59.9.1 Mesa-libglapi0-32bit-20.2.4-150300.59.9.1 Mesa-libglapi0-64bit-20.2.4-150300.59.9.1 Mesa-libva-20.2.4-150300.59.9.1 Mesa-vulkan-device-select-20.2.4-150300.59.9.1 Mesa-vulkan-device-select-32bit-20.2.4-150300.59.9.1 Mesa-vulkan-overlay-20.2.4-150300.59.9.1 Mesa-vulkan-overlay-32bit-20.2.4-150300.59.9.1 libOSMesa-devel-20.2.4-150300.59.9.1 libOSMesa-devel-32bit-20.2.4-150300.59.9.1 libOSMesa-devel-64bit-20.2.4-150300.59.9.1 libOSMesa8-20.2.4-150300.59.9.1 libOSMesa8-32bit-20.2.4-150300.59.9.1 libOSMesa8-64bit-20.2.4-150300.59.9.1 libXvMC_nouveau-20.2.4-150300.59.9.1 libXvMC_nouveau-32bit-20.2.4-150300.59.9.1 libXvMC_nouveau-64bit-20.2.4-150300.59.9.1 libXvMC_r600-20.2.4-150300.59.9.1 libXvMC_r600-32bit-20.2.4-150300.59.9.1 libXvMC_r600-64bit-20.2.4-150300.59.9.1 libgbm-devel-20.2.4-150300.59.9.1 libgbm-devel-32bit-20.2.4-150300.59.9.1 libgbm-devel-64bit-20.2.4-150300.59.9.1 libgbm1-20.2.4-150300.59.9.1 libgbm1-32bit-20.2.4-150300.59.9.1 libgbm1-64bit-20.2.4-150300.59.9.1 libvdpau_nouveau-20.2.4-150300.59.9.1 libvdpau_nouveau-32bit-20.2.4-150300.59.9.1 libvdpau_nouveau-64bit-20.2.4-150300.59.9.1 libvdpau_r300-20.2.4-150300.59.9.1 libvdpau_r300-32bit-20.2.4-150300.59.9.1 libvdpau_r300-64bit-20.2.4-150300.59.9.1 libvdpau_r600-20.2.4-150300.59.9.1 libvdpau_r600-32bit-20.2.4-150300.59.9.1 libvdpau_r600-64bit-20.2.4-150300.59.9.1 libvdpau_radeonsi-20.2.4-150300.59.9.1 libvdpau_radeonsi-32bit-20.2.4-150300.59.9.1 libvdpau_radeonsi-64bit-20.2.4-150300.59.9.1 libvulkan_intel-20.2.4-150300.59.9.1 libvulkan_intel-32bit-20.2.4-150300.59.9.1 libvulkan_radeon-20.2.4-150300.59.9.1 libvulkan_radeon-32bit-20.2.4-150300.59.9.1 libxatracker-devel-1.0.0-150300.59.9.1 libxatracker2-1.0.0-150300.59.9.1 libgbm1-20.2.4-150300.59.9.1 as a component of SUSE Linux Enterprise Micro 5.2 Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated. CVE-2023-45913 SUSE Linux Enterprise Micro 5.2:libgbm1-20.2.4-150300.59.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502803-1/ https://www.suse.com/security/cve/CVE-2023-45913.html CVE-2023-45913 https://bugzilla.suse.com/1222040 SUSE Bug 1222040 Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. CVE-2023-45919 SUSE Linux Enterprise Micro 5.2:libgbm1-20.2.4-150300.59.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502803-1/ https://www.suse.com/security/cve/CVE-2023-45919.html CVE-2023-45919 https://bugzilla.suse.com/1222041 SUSE Bug 1222041 glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling __glXGetDrawableAttribute(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. CVE-2023-45922 SUSE Linux Enterprise Micro 5.2:libgbm1-20.2.4-150300.59.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502803-1/ https://www.suse.com/security/cve/CVE-2023-45922.html CVE-2023-45922 https://bugzilla.suse.com/1222042 SUSE Bug 1222042