Joined: 12 May 2004
|Posted: Sat Jun 23, 2012 4:26 pm Post subject: [ GLSA 201206-19 ] NVIDIA Drivers: Privilege escalation
|Gentoo Linux Security Advisory
Title: NVIDIA Drivers: Privilege escalation (GLSA 201206-19)
Date: June 23, 2012
A vulnerability in NVIDIA drivers may allow a local attacker to
gain escalated privileges.
The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic
Vulnerable: < 295.40
Unaffected: >= 295.40
Architectures: All supported architectures
A vulnerability has been found in the way NVIDIA drivers handle
read/write access to GPU device nodes, allowing access to arbitrary
system memory locations.
NOTE: Exposure to this vulnerability is reduced in Gentoo due to 660
permissions being used on the GPU device nodes by default.
A local attacker could gain escalated privileges.
There is no known workaround at this time.
All NVIDIA driver users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose