From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-201206-19.xml | 54 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 metadata/glsa/glsa-201206-19.xml (limited to 'metadata/glsa/glsa-201206-19.xml') diff --git a/metadata/glsa/glsa-201206-19.xml b/metadata/glsa/glsa-201206-19.xml new file mode 100644 index 000000000000..30c01976c0d9 --- /dev/null +++ b/metadata/glsa/glsa-201206-19.xml @@ -0,0 +1,54 @@ + + + + NVIDIA Drivers: Privilege escalation + A vulnerability in NVIDIA drivers may allow a local attacker to + gain escalated privileges. + + nvidia-drivers + 2012-06-23 + 2012-06-23: 1 + 411617 + local + + + 295.40 + 295.40 + + + +

The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic + boards. +

+ + +

A vulnerability has been found in the way NVIDIA drivers handle + read/write access to GPU device nodes, allowing access to arbitrary + system memory locations. +

+ +

NOTE: Exposure to this vulnerability is reduced in Gentoo due to 660 + permissions being used on the GPU device nodes by default. +

+ + +

A local attacker could gain escalated privileges.

+ + +

There is no known workaround at this time.

+ + +

All NVIDIA driver users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=x11-drivers/nvidia-drivers-295.40" + + + + CVE-2012-0946 + + ackle + ackle + -- cgit v1.2.3