Announcement

Collapse
No announcement yet.

NVIDIA Windows/Linux Graphics Drivers Hit By A Series Of Security Vulnerabilities

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • NVIDIA Windows/Linux Graphics Drivers Hit By A Series Of Security Vulnerabilities

    Phoronix: NVIDIA Windows/Linux Graphics Drivers Hit By A Series Of Security Vulnerabilities

    With this week's R460 driver release also comes a number of security updates. Several security issues have been patched in both the NVIDIA Windows and Linux graphics driver components...

    http://www.phoronix.com/scan.php?pag...21-Driver-CVEs

  • #2
    Sounds like nasty stuff, I bet if the code was mainlined it would never get past review.

    Comment


    • #3
      Nouveau unaffected?

      Comment


      • #4
        PSSGCSim yeah, right, sure

        Comment


        • #5
          Originally posted by loganj View Post
          PSSGCSim yeah, right, sure
          Well, history says he is right, so far no proprietary to FOSS kernel contribution has passed review in few tries, even Microsoft had a damn hard time

          Comment


          • #6
            jrch2k8 there were so many vulnerabilities in linux kernel and probably still are and i'm sure new ones will be created (not on purpose hopefully) with new code.
            nobody is perfect.

            Comment


            • #7
              Ha NVIDIA, you thought your closed-source mess was king.
              May this be a lesson for you.

              Comment


              • #8
                Originally posted by loganj View Post
                jrch2k8 there were so many vulnerabilities in linux kernel and probably still are and i'm sure new ones will be created (not on purpose hopefully) with new code.
                nobody is perfect.
                And so? There's a difference between random bugs and bad programming. To add some value to your strawman response: AMD Open Source drivers are far more secure than nvidia blob and Open Source drivers are much more validated.

                Comment


                • #9
                  Originally posted by Volta View Post
                  Open Source drivers are much more validated.
                  I agree with the sentiment that drivers should be open. But, this seems to be speculative unless you actually know what validation happened (to closed source drivers).

                  That is actually probably a bigger issue, you cannot be certain the rigor of validation or review in many cases.

                  Comment


                  • #10
                    Originally posted by tildearrow View Post
                    Ha NVIDIA, you thought your closed-source mess was king.
                    May this be a lesson for you.
                    Lesson learned: you keep the same driver for all platforms, you fix bugs on all platforms in one go

                    One word for those who think open source is a fix for this: OpenSSL.
                    Open source helps, but it's not a foolproof solution. Also, Nvidia seems to have fixed these rather quickly, looking at some of the CVEs, it looks like they are all two months old today.

                    Comment

                    Working...
                    X