5.1
CVE-2019-5068
- EPSS 0.08%
- Veröffentlicht 05.11.2019 22:15:14
- Zuletzt bearbeitet 21.11.2024 04:44:17
- Quelle talos-cna@cisco.com
- Teams Watchlist Login
- Unerledigt Login
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version8.0
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version19.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.234 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 1.8 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:P/I:P/A:N
|
| talos-cna@cisco.com | 5.1 | 2.5 | 2.5 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-277 Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
CWE-732 Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.