FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21	NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler NVIDIA Unix security team reports: NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where not correctly validated user input, NULL pointer dereference, and incorrect access control may lead to denial of service or potential escalation of privileges. Discovery 2017-05-15 Entry 2017-05-23 nvidia-driver < 375.66 CVE-2017-0350 CVE-2017-0351 CVE-2017-0352 http://nvidia.custhelp.com/app/answers/detail/a_id/4462
057e6616-1885-11e7-bb4d-a0d3c19bfa21	NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler NVIDIA Unix security team reports: NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where multiple integer overflows, improper access control, and improper validation of a user input may cause a denial of service or potential escalation of privileges. Discovery 2017-02-14 Entry 2017-04-04 nvidia-driver < 375.39 nvidia-driver-340 < 340.102 nvidia-driver-304 < 304.135 CVE-2017-0309 CVE-2017-0310 CVE-2017-0311 CVE-2017-0318 CVE-2017-0321 http://nvidia.custhelp.com/app/answers/detail/a_id/4398
fdf72a0e-8371-11e4-bc20-001636d274f3	NVIDIA UNIX driver -- remote denial of service or arbitrary code execution NVIDIA Unix security team reports: The GLX indirect rendering support supplied on NVIDIA products is subject to the recently disclosed X.Org vulnerabilities (CVE-2014-8093, CVE-2014-8098) as well as internally identified vulnerabilities (CVE-2014-8298). Depending on how it is configured, the X server typically runs with raised privileges, and listens for GLX indirect rendering protocol requests from a local socket and potentially a TCP/IP port. The vulnerabilities could be exploited in a way that causes the X server to access uninitialized memory or overwrite arbitrary memory in the X server process. This can cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution. Discovery 2014-12-03 Entry 2014-12-14 nvidia-driver < 340.65 nvidia-driver-304 < 304.125 nvidia-driver-173 le 173.14.35_3 nvidia-driver-96 le 96.43.23_2 nvidia-driver-71 le 71.86.15_4 CVE-2014-8298 CVE-2014-8093 CVE-2014-8098

VuXML ID

Description

f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21

NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler

NVIDIA Unix security team reports:

NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where not correctly validated user input, NULL pointer dereference, and incorrect access control may lead to denial of service or potential escalation of privileges.

Discovery 2017-05-15
Entry 2017-05-23
nvidia-driver

< 375.66

CVE-2017-0350
CVE-2017-0351
CVE-2017-0352
http://nvidia.custhelp.com/app/answers/detail/a_id/4462

057e6616-1885-11e7-bb4d-a0d3c19bfa21

NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler

NVIDIA Unix security team reports:

NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where multiple integer overflows, improper access control, and improper validation of a user input may cause a denial of service or potential escalation of privileges.

Discovery 2017-02-14
Entry 2017-04-04
nvidia-driver

< 375.39

nvidia-driver-340

< 340.102

nvidia-driver-304

< 304.135

CVE-2017-0309
CVE-2017-0310
CVE-2017-0311
CVE-2017-0318
CVE-2017-0321
http://nvidia.custhelp.com/app/answers/detail/a_id/4398

fdf72a0e-8371-11e4-bc20-001636d274f3

NVIDIA UNIX driver -- remote denial of service or arbitrary code execution

NVIDIA Unix security team reports:

The GLX indirect rendering support supplied on NVIDIA products is subject to the recently disclosed X.Org vulnerabilities (CVE-2014-8093, CVE-2014-8098) as well as internally identified vulnerabilities (CVE-2014-8298).

Depending on how it is configured, the X server typically runs with raised privileges, and listens for GLX indirect rendering protocol requests from a local socket and potentially a TCP/IP port. The vulnerabilities could be exploited in a way that causes the X server to access uninitialized memory or overwrite arbitrary memory in the X server process. This can cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution.

Discovery 2014-12-03
Entry 2014-12-14
nvidia-driver

< 340.65

nvidia-driver-304

< 304.125

nvidia-driver-173

le 173.14.35_3

nvidia-driver-96

le 96.43.23_2

nvidia-driver-71

le 71.86.15_4

CVE-2014-8298
CVE-2014-8093
CVE-2014-8098