Source: nvidia-graphics-drivers Severity: serious Tags: security Control: fixed -1 319.72-1,331.20-1
Quoting from http://nvidia.custhelp.com/app/answers/detail/a_id/3377 Vulnerability Description: An NVIDIA graphics driver bug allows unprivileged user-mode software to access the GPU inappropriately. An attacker who successfully exploited this vulnerability could take control of an affected system. Exploit Scope and Risk: To take advantage of this vulnerability, an attacker would need to run specially crafted software locally on the target computer. Expert knowledge of system and NVIDIA GPU programming would be required to create such an exploit. NVIDIA is not aware of the existence of any actual exploits that leverage this vulnerability. This issue could potentially affect all supported PC OS platforms and form factors. NVIDIA Tegra GPUs are not vulnerable. The following table shows the first NVIDIA UNIX GPU Drivers that contain the security fix. Driver Branch Version Release 331 331.20 Release 319 319.72 Release 304 304.116 nvidia-graphics-drivers-legacy-304xx is affected as well, but is already at the fixed version. It is unknown whether the older legacy branches are affected. Andreas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
