Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: NVidia Linux driver
From: Tavis Ormandy <taviso () cmpxchg8b com>
Date: Wed, 1 Aug 2012 15:12:00 +0200

Marc Deslauriers <marc.deslauriers () canonical com>
wrote:

Hello,

Could a CVE please be assigned to the following issue:

The binary NVidia Linux driver allows local users to access arbitrary
memory locations by leveraging GPU device-node read/write privileges, and
escalate privileges to root. Possibly an incomplete fix for CVE-2012-0946.

See:

http://seclists.org/fulldisclosure/2012/Aug/4

Thanks,

Marc.

I know that at least Gentoo does this since ~2006:

35 # !!! SECURITY WARNING !!!
36 # DO NOT MODIFY OR REMOVE THE DEVICE FILE RELATED OPTIONS UNLESS YOU KNOW
37 # WHAT YOU ARE DOING.
38 # ONLY ADD TRUSTED USERS TO THE VIDEO GROUP, THESE USERS MAY BE ABLE TO
CRASH,
39 # COMPROMISE, OR IRREPARABLY DAMAGE THE MACHINE.
40 options nvidia NVreg_DeviceFileMode=432 NVreg_DeviceFileUID=0
NVreg_DeviceFileGID=VIDEOGID NVreg_ModifyDeviceFiles=1


http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/x11-drivers/nvidia-drivers/files/nvidia?revision=1.3&view=markup

Tavis.

-- 
-------------------------------------
taviso () cmpxchg8b com | pgp encrypted mail preferred
-------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]