VuXML ID | Description |
b91234e7-9a8b-11e1-b666-001636d274f3 | NVIDIA UNIX driver -- access to arbitrary system memory
NVIDIA Unix security team reports:
Security vulnerability CVE-2012-0946 in the NVIDIA UNIX driver
was disclosed to NVIDIA on March 20th, 2012. The vulnerability
makes it possible for an attacker who has read and write access
to the GPU device nodes to reconfigure GPUs to gain access to
arbitrary system memory. NVIDIA is not aware of any reports of
this vulnerability, outside of the disclosure which was made
privately to NVIDIA.
NVIDIA has identified the root cause of the vulnerability and
has released updated drivers which close it. [NVIDIA encourages]
all users with Geforce 8 or newer, G80 Quadro or newer, and all
Tesla GPUs to update their drivers to 295.40 or later.
Later, it was additionally discovered that similar exploit could
be achieved through remapping of VGA window:
NVIDIA received notification of a security exploit that uses
NVIDIA UNIX device files to map and program registers to redirect
the VGA window. Through the VGA window, the exploit can access
any region of physical system memory. This arbitrary memory
access can be further exploited, for example, to escalate user
privileges.
Discovery 2012-03-20 Entry 2012-05-10 Modified 2012-09-12 nvidia-driver
gt 173.14.35_2 lt 295.71
gt 96.43.20_3 lt 173.14.35
gt 71.86.15_3 lt 96.43.20_2
< 71.86.15_2
CVE-2012-0946
CVE-2012-4225
|
057e6616-1885-11e7-bb4d-a0d3c19bfa21 | NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler
NVIDIA Unix security team reports:
NVIDIA GPU Display Driver contains vulnerabilities in the
kernel mode layer handler where multiple integer overflows,
improper access control, and improper validation of a user
input may cause a denial of service or potential escalation
of privileges.
Discovery 2017-02-14 Entry 2017-04-04 nvidia-driver
< 375.39
nvidia-driver-340
< 340.102
nvidia-driver-304
< 304.135
CVE-2017-0309
CVE-2017-0310
CVE-2017-0311
CVE-2017-0318
CVE-2017-0321
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
|
f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21 | NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler
NVIDIA Unix security team reports:
NVIDIA GPU Display Driver contains vulnerabilities in the
kernel mode layer handler where not correctly validated user
input, NULL pointer dereference, and incorrect access control
may lead to denial of service or potential escalation of
privileges.
Discovery 2017-05-15 Entry 2017-05-23 nvidia-driver
< 375.66
CVE-2017-0350
CVE-2017-0351
CVE-2017-0352
http://nvidia.custhelp.com/app/answers/detail/a_id/4462
|
fdf72a0e-8371-11e4-bc20-001636d274f3 | NVIDIA UNIX driver -- remote denial of service or arbitrary code execution
NVIDIA Unix security team reports:
The GLX indirect rendering support supplied on NVIDIA products
is subject to the recently disclosed X.Org vulnerabilities
(CVE-2014-8093, CVE-2014-8098) as well as internally identified
vulnerabilities (CVE-2014-8298).
Depending on how it is configured, the X server typically runs
with raised privileges, and listens for GLX indirect rendering
protocol requests from a local socket and potentially a TCP/IP
port. The vulnerabilities could be exploited in a way that
causes the X server to access uninitialized memory or overwrite
arbitrary memory in the X server process. This can cause a
denial of service (e.g., an X server segmentation fault), or
could be exploited to achieve arbitrary code execution.
Discovery 2014-12-03 Entry 2014-12-14 nvidia-driver
< 340.65
nvidia-driver-304
< 304.125
nvidia-driver-173
le 173.14.35_3
nvidia-driver-96
le 96.43.23_2
nvidia-driver-71
le 71.86.15_4
CVE-2014-8298
CVE-2014-8093
CVE-2014-8098
|
1431f2d6-a06e-11e2-b9e0-001636d274f3 | NVIDIA UNIX driver -- ARGB cursor buffer overflow in "NoScanout" mode
NVIDIA Unix security team reports:
When the NVIDIA driver for the X Window System is operated in
"NoScanout" mode, and an X client installs an ARGB cursor that
is larger than the expected size (64x64 or 256x256, depending on
the driver version), the driver will overflow a buffer. This
can cause a denial of service (e.g., an X server segmentation
fault), or could be exploited to achieve arbitrary code
execution. Because the X server runs as setuid root in many
configurations, an attacker could potentially use this
vulnerability in those configurations to gain root privileges.
Discovery 2013-03-27 Entry 2013-04-08 nvidia-driver
ge 310.14 lt 310.44
ge 195.22 lt 304.88
CVE-2013-0131
http://nvidia.custhelp.com/app/answers/detail/a_id/3290
|