Mesa "validate_uniform_parameters()" Buffer Overflow

by Carol~ Moderator - 12/5/12 11:59 AM

In Reply to: VULNERABILITIES / FIXES - December 05, 2012 by Carol~ Moderator

Mesa "validate_uniform_parameters()" Buffer Overflow Vulnerability

Release Date : 2012-12-05

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Mesa 8.x

Description:
A vulnerability has been reported in Mesa, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "validate_uniform_parameters()" function (main/uniform_query.cpp) when handling certain uniform values and can be exploited to cause a heap-based buffer overflow.

The vulnerability is reported in versions 8.0.5 and prior.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Originally reported by miaubiz in Google Chrome.

Original Advisory:
http://www.mail-archive.com/mesa-dev@lists.freedesktop.org/msg29015.html

http://secunia.com/advisories/51489/