[Mesa-dev] CVE-2019-19520: Local privilege escalation via xlock
Jonathan Gray
jsg at jsg.id.au
Thu Dec 5 04:43:15 UTC 2019
On Thu, Dec 05, 2019 at 01:59:50PM +1000, Dave Airlie wrote:
> On Thu, 5 Dec 2019 at 13:42, Jonathan Gray <jsg at jsg.id.au> wrote:
> >
> > Until very recently OpenBSD built xlockmore against Mesa. xlock is
> > setgid auth. As described by Qualys in their advisory
> > https://marc.info/?l=oss-security&m=157549260013521&w=2
> > "CVE-2019-19520: Local privilege escalation via xlock"
> > the setuid check in the loader for LIBGL_DRIVERS_PATH does not handle
> > this.
> >
> Should we just use secure_getenv?
>
> DAve.
That is also not portable, appears to be glibc only.
More information about the mesa-dev
mailing list