NVIDIA Driver Security Exploit

Posted by Michael Larabel on October 17, 2006

While this security vulnerability has been known since 2004, Rapid7 had issued a report yesterday on the buffer overflow problem in NVIDIA's binary Linux display drivers -- the issue also likely lies in the FreeBSD and Solaris drivers. This issue allows attackers to run code as root either locally or remotely. A working proof of concept is also available from Rapid7. The solution presented in this report is to remove the closed-source NVIDIA module and use the 2D NV module. NVIDIA has, however, stated that this problem has been fixed with the 1.0-9XXX series drivers. Disabling RenderAccel will also resolve this problem on the vulnerable drivers. There is also news on this NVIDIA Linux driver issue at KernelTrap. A thread has been setup on the Phoronix Forums to discuss this problem.
Discuss this article in our forums, IRC channel, or email the author. You can also follow our content via RSS and on social networks like Facebook, Identi.ca, and Twitter (@Phoronix and @MichaelLarabel). Subscribe to Phoronix Premium to view our content without advertisements, view entire articles on a single page, and experience other benefits.
Comments & Discussion
News Archives
Related NVIDIA News
NVIDIA Issues CUDA 5.5 RC:...
NVIDIA Introduces $400 GeForce...
New NVIDIA Linux Driver Supports...
NVIDIA Releases 310.51 Driver To...
NVIDIA 319.17 Linux Driver...
NVIDIA Publishes Open-Source...
NVIDIA vs. Nouveau Drivers On...
Benchmarks Of NVIDIA's New Linux...
Popular News
Reasons For Losing Motivation In...
Raspberry Pi's Raspbian Improves...
SphinUX OS Claims To Be ~150%...
Windows 8 Hardware Has Another...
The Best Features Of The Linux...
SQLite Now Faster With Memory...
A New X.Org-Free Wayland LiveCD...
PulseAudio 4.0 Brings Many...
Latest Hardware Reviews
  1. Intel Haswell HD Graphics 4600 vs. AMD Radeon Graphics On Linux
  2. Intel Haswell HD Graphics 4600 Performance On Ubuntu Linux
  3. Intel Core i7 4770K "Haswell" Benchmarks On Ubuntu Linux
  4. The First Experience Of Intel Haswell On Linux
Latest Software Articles
  1. Optimized Binaries Provide Great Benefits For Intel Haswell
  2. 11-Way Linux, BSD Platform Comparison
  3. SNA Acceleration Works Great For Intel Core i7 Haswell
  4. The Linux Evolution For Intel Haswell's Performance
Latest Linux News
  1. KDE's KWin Made Lots Of Progress In 4.11
  2. Ubuntu Announces Carrier Advisory Group
  3. Qt 5.1 Release Candidate 1 Has Arrived
  4. In-Fighting Continues Over Mir On Non-Unity Ubuntu
  5. Subversion 1.8 Presents New Features
  6. LLVM 3.3 Officially Released
  7. LLVM/Clang Now Uses Loop Vectorizer At New Levels
  8. Intel GPU Driver Tries To Rip Out FBDEV Support
  9. Coreboot Doing AMD USB 3.0, Q35 QEMU Emulation
  10. VP9 Codec Now Enabled By Default In Chrome
  11. openSUSE 13.1 M2 Plays On PulseAudio 4.0
Latest Forum Talk
  1. In-Fighting Continues Over Mir On Non-Unity Ubuntu
  2. Ubuntu Announces Carrier Advisory Group
  3. Vote for GOG to add Linux versions of games they...
  4. Intel Haswell HD Graphics 4600 vs. AMD Radeon...
  5. Intel GPU Driver Tries To Rip Out FBDEV Support
  6. Mir Still Causing Concerns By Ubuntu Derivatives
  1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Motherboards
  5. Peripherals
  6. Processors
  7. Software
  8. Operating Systems
  9. All Articles
  1. Linux Benchmarking
  2. OpenBenchmarking.org
  3. Phoronix Test Suite
Copyright © 2004 - 2013 by Phoronix Media.
All trademarks used are properties of their respective owners. All rights reserved. Legal Disclaimer & Disclosure.
Powered by the Phoronix Content Management System (PHXCMS-7.4).