NVIDIA Driver Security Exploit

Written by Michael Larabel in Linux Security on 17 October 2006 at 01:00 AM EDT. Add A Comment
LINUX SECURITY
While this security vulnerability has been known since 2004, Rapid7 had issued a report yesterday on the buffer overflow problem in NVIDIA's binary Linux display drivers -- the issue also likely lies in the FreeBSD and Solaris drivers. This issue allows attackers to run code as root either locally or remotely. A working proof of concept is also available from Rapid7. The solution presented in this report is to remove the closed-source NVIDIA module and use the 2D NV module. NVIDIA has, however, stated that this problem has been fixed with the 1.0-9XXX series drivers. Disabling RenderAccel will also resolve this problem on the vulnerable drivers. There is also news on this NVIDIA Linux driver issue at KernelTrap. A thread has been setup on the Phoronix Forums to discuss this problem.
Add A Comment
Related News
Red Hat Working On Delayed Module Signature Verification To Speed-Up Linux Boot Times
SELinux In Linux 6.6 Removes References To Its Origins At The US NSA
Linux 6.6 Adding Randomized Kmalloc Caches For Further System Hardening
Linux 6.5 Patches Merged For Intel GDS/DOWNFALL, AMD INCEPTION
Linux 6.1 To 6.5 Git Quietly Patched For "StackRot" Privilege Escalation Vulnerability
Microsoft Aims For Greater Script Execution Control On Linux
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Valve Is A Wonderful Upstream Contributor To Linux & The Open-Source Community
Linux Terminal Emulators Have The Potential Of Being Much Faster
Intel To Further Collaborate With Red Hat, Canonical & SUSE For Intel-Optimized Linux Distros
Linux's Multi-Grain Timestamps Short-Lived: Removed From The Kernel After A Few Weeks
Fedora 40 Eyes Dropping GNOME X11 Session Support
GNOME 45 Released With New Apps, New Activities Indicator
Wine Wayland Driver Updated With Basic Window Management Capabilities
Blumenkrantz Optimizes Mesa Vulkan Submission Merging - Some Test Cases Improve 1000%+