1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking.org

NVIDIA Has New Driver Update To Fix Security Flaw

NVIDIA

Published on 03 April 2013 01:04 AM EDT
Written by Fatima Sheremetyeva in NVIDIA
1 Comment

NVIDIA released the 313.30 Linux graphics driver on Tuesday night to take care of a security vulnerability.

Similar to past special-case releases to address security vulnerabilities with NVIDIA's binary blob, the 313.30 driver release officially just contains one security-related fix:
Fixed CVE-2013-0131: NVIDIA UNIX GPU Driver ARGB Cursor Buffer Overflow in "NoScanout" Mode. This buffer overflow, which occurred when an X client installed a large ARGB cursor on an X server running in NoScanout mode, could cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution.
Details on this important NVIDIA driver security bug, which also hit FreeBSD and Solaris OS users, can be found in their customer portal. The good news is that this only affects those using the NoScanOut mode.

This security vulnerability that could take advantage of the X.Org Server generally running as the root user has affected NVIDIA users for a long while -- since the 195.22 driver days, or more easily known as late 2009. This is the first high-profile NVIDIA security driver bug in a few months, but last year they had some issues covered by Michael's NVIDIA Fixes Linux GPU Driver Security Hole and NVIDIA 295.40 Closes High-Risk Security Flaw.

This latest NVIDIA Linux graphics driver can be fetched from NVIDIA.com and is classified as a "certified" Linux GPU driver release.

Latest Linux Hardware Reviews
  1. MSI X99S SLI PLUS On Linux
  2. NVIDIA GeForce GTX 970 Offers Great Linux Performance
  3. CompuLab Intense-PC2: An Excellent, Fanless, Mini PC Powered By Intel's i7 Haswell
  4. From The Atom 330 To Haswell ULT: Intel Linux Performance Benchmarks
Latest Linux Articles
  1. RunAbove: A POWER8 Compute Cloud With Offerings Up To 176 Threads
  2. 6-Way Ubuntu 14.10 Linux Desktop Benchmarks
  3. Ubuntu 14.10 XMir System Compositor Benchmarks
  4. Btrfs RAID HDD Testing On Ubuntu Linux 14.10
Latest Linux News
  1. Fedora 21 Beta & Final Release Slip Further
  2. Mesa 10.3.2 Has A Couple Bug-Fixes
  3. RadeonSI/R600g HyperZ Support Gets Turned Back On
  4. openSUSE Factory & Tumbleweed Are Merging
  5. More Fedora Delays: Fedora 21 Beta Slips
  6. Mono Brings C# To The Unreal Engine 4
  7. Coreboot Now Has Support For Intel Broadwell Hardware
  8. Enlightenment's EFL 1.12 Alpha Has Evas GL-DRM Engine, OpenGL ES 1.1 Support
  9. GTK+ Lands Experimental Backend For Mir Display Server
  10. Ubuntu 14.10 Officially Released
Latest Forum Discussions
  1. AMD Radeon VDPAU Video Performance With Gallium3D
  2. HOPE: The Ease Of Python With The Speed Of C++
  3. Updated and Optimized Ubuntu Free Graphics Drivers
  4. Ubuntu 16.04 Might Be The Distribution's Last 32-Bit Release
  5. Linux hacker compares Solaris kernel code:
  6. Advertisements On Phoronix
  7. Users/Developers Threatening Fork Of Debian GNU/Linux
  8. AMD Releases UVD Video Decode Support For R600 GPUs