1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking.org

NVIDIA 295.40 Closes High-Risk Security Flaw

NVIDIA

Published on 11 April 2012 10:13 AM EDT
Written by Michael Larabel in NVIDIA
16 Comments

NVIDIA's Linux team this morning announced the immediate release of the 295.40 Linux driver. There aren't many changes for this release compared to the recent 295.33 driver release, but it does address a high-risk security vulnerability.

The official changes for the NVIDIA 295.40 Linux stable driver release include closing a security vulnerability where attackers could reconfigure GPUs to gain access to arbitrary system memory, fixes a bug causing DisplayPort devices to occasionally fail after suspend-and-resume, a new "AllowNon3DVisionModes" X configuration option, and support for two new GPUs. The newly-supported GPUs is the GeForce GT 610 and GeForce GT 635M.

The high-risk security vulnerability that was recently discovered is described in CVE-2012-0946. This issue came down to an issue whereby arbitrary system memory could be accessed because the default file permissions on the NVIDIA GPU device nodes allows for read/write access to all users. NVIDIA classified this issue as high-risk since the read/write access is needed in order to leverage NVIDIA GPU hardware acceleration whether it be for OpenGL, OpenCL, or VDPAU. Fortunately, NVIDIA quickly identified the root cause of the vulnerability and released this new driver.

NVIDIA's also released a patch to its Linux kernel shim so that older drivers can be manually patched too. However, now with the new 295.40 driver, a new CUDA library is needed otherwise the CUDA debugger will fail against the patched library. Updated 295.40 drivers have also been released for Solaris and FreeBSD, which are also affected by the vulnerability.

The latest NVIDIA Linux drivers (and for Solaris/FreeBSD) can be fetched from the NVIDIA Unix driver portal page.

Benchmarks of the NVIDIA GeForce GTX 680 are currently being conducted this week at Phoronix, so expect some new NVIDIA Linux benchmarks by next week.

Latest Linux Hardware Reviews
  1. Overclocking The AMD AM1 Athlon & Sempron APUs
  2. AMD Athlon 5350 / 5150 & Sempron 3850 / 2650
  3. Upgraded Kernel & Mesa Yield A Big Boost For Athlon R3 Graphics
  4. AMD Athlon 5350 APU On Linux
Latest Linux Articles
  1. A Quick Look At GCC 4.9 vs. LLVM Clang 3.5
  2. Are AMD Athlon/Sempron APUs Fast Enough For Steam On Linux?
  3. AMD Athlon's R3 Graphics: RadeonSI Gallium3D vs. Catalyst
  4. GCC 4.9 Compiler Optimization Benchmarks For Faster Binaries
Latest Linux News
  1. Trying Out Radeon R9 290 Graphics On Open-Source
  2. Intel Broadwell GT3 Graphics Have Dual BSD Rings
  3. Early Linux 3.15 Benchmarks Of Intel Core i7 + Radeon
  4. Red Hat Releases Its RHEL 7 Release Candidate
  5. New Features Coming To Xubuntu 14.04 LTS
  6. NVIDIA Officially Releases CUDA 6
  7. Google Releases An AutoFDO Converter For Perf In LLVM
  8. Fedora 21 To Evaluate Remote Journal Logging, 64-bit ARM Emulation
  9. Star Citizen Will Be Coming To Linux
  10. Ubuntu 14.10 Convergence To Focus On Replacing Core Apps
  11. The Results Of Optimizing Radeon's VRAM Behavior
  12. Kernel Developers Discuss Improving Kernel Configurations
Latest Forum Discussions
  1. Linux Kernel Developers Fed Up With Ridiculous Bugs In Systemd
  2. The GNOME Foundation Is Running Short On Money
  3. Bye bye BSD, Hello Linux: A Sys Admin's Story
  4. New tool for undervolt/overclock AMD K8L and K10 processors
  5. How to enable opengl 3.3 on r9 270?
  6. R290x sound problems
  7. radeon-profile: tool for changing profiles and monitoring some GPU parameters
  8. Torvalds Is Unconvinced By LTO'ing A Linux Kernel