Skip to main content

Security vulnerability in NVIDIA's proprietary Linux drivers fixed

posted onApril 12, 2012
by l33tdawg

A new version of NVIDIA's proprietary UNIX graphics drivers for Linux, Solaris and FreeBSD fixes a security vulnerability (CVE-2012-0946) that allowed attackers to read and write arbitrary system memory in order to, for example, obtain root privileges. To take advantage of the vulnerability, an attacker must have access permission for some device files – which, for systems with these drivers, is typically the case for users who can launch a graphical interface as 3D acceleration and some other features cannot be used otherwise.

Version 295.40 of the driver corrects this problem; for older drivers whose version numbers start with 195, 256 to 285, or 290 to 295, NVIDIA has made patches available that change the vulnerable part of the kernel module belonging to the driver. Users who update the driver with this patch and use the CUDA debugger will also need to update the CUDA library before the debugger can work again.

Source

Tags

Linux Security NVIDIA

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th