Linux News
The world is talking about GNU/Linux and Free/Open Source Software

sent to nvidia over a month ago with no reply or advisory

Story: NVIDIA Fixes Linux GPU Driver Security Hole

Total Replies: 1

Author	Content
henke54 Aug 05, 2012 8:33 AM EDT	Quoting:I was given this anonymously, it has been sent to nvidia over a month ago with no reply or advisory and the original author wishes to remain anonymous but would like to have the exploit published at this time, so I said I'd post it for them. It basically abuses the fact that the /dev/nvidia0 device accept changes to the VGA window and moves the window around until it can read/write to somewhere useful in physical RAM, then it just does an priv escalation by writing directly to kernel memory. This NVIDIA Linux binary exploit has already been brought up within our forums. This isn't the first time the NVIDIA binary Linux graphics driver has had a security vulnerability but just months ago there was another high-risk flaw. An earlier flaw was known for years before it was finally corrected about a half-decade ago within the NVIDIA Linux driver. http://www.phoronix.com/scan.php?page=news_item&px=MTE1MTk
albinard Aug 05, 2012 3:45 PM EDT	http://www.i-programmer.info/news/99-professional/4473-fsf-r... OOPS - sent to wrong thread! Sorry!

Author

Content

henke54

Aug 05, 2012
8:33 AM EDT

Quoting:I was given this anonymously, it has been sent to nvidia over a month ago with no reply or advisory and the original author wishes to remain anonymous but would like to have the exploit published at this time, so I said I'd post it for them.

It basically abuses the fact that the /dev/nvidia0 device accept changes to the VGA window and moves the window around until it can read/write to somewhere useful in physical RAM, then it just does an priv escalation by writing directly to kernel memory.

This NVIDIA Linux binary exploit has already been brought up within our forums.

This isn't the first time the NVIDIA binary Linux graphics driver has had a security vulnerability but just months ago there was another high-risk flaw. An earlier flaw was known for years before it was finally corrected about a half-decade ago within the NVIDIA Linux driver.

http://www.phoronix.com/scan.php?page=news_item&px=MTE1MTk

albinard

Aug 05, 2012
3:45 PM EDT

http://www.i-programmer.info/news/99-professional/4473-fsf-r...

OOPS - sent to wrong thread! Sorry!

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!

Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

sent to nvidia over a month ago with no reply or advisory

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

sent to nvidia over a month ago with no reply or advisory

Linux News
The world is talking about GNU/Linux and Free/Open Source Software