CVE-2013-0131

Publication date 3 April 2013

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
nvidia-graphics-drivers 13.04 raring Not in release
12.10 quantal
Fixed 304.88-0ubuntu0.1
12.04 LTS precise
Fixed 304.88-0ubuntu0.0.2
11.10 oneiric Ignored end of life
10.04 LTS lucid Ignored end of life
8.04 LTS hardy Not in release
nvidia-graphics-drivers-304 13.04 raring
Fixed 304.88-0ubuntu1
12.10 quantal Not in release
12.04 LTS precise
Not affected
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-304-updates 13.04 raring
Fixed 304.88-0ubuntu1
12.10 quantal Not in release
12.04 LTS precise
Not affected
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-310 13.04 raring
Fixed 310.44-0ubuntu1
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-310-updates 13.04 raring
Fixed 310.44-0ubuntu1
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-313-updates 13.04 raring
Fixed 313.30-0ubuntu1
12.10 quantal Not in release
12.04 LTS precise Not in release
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-experimental-304 13.04 raring Not in release
12.10 quantal Ignored
12.04 LTS precise Ignored
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-experimental-310 13.04 raring Not in release
12.10 quantal Ignored
12.04 LTS precise Ignored
11.10 oneiric Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-graphics-drivers-updates 13.04 raring Not in release
12.10 quantal
Fixed 304.88-0ubuntu0.1
12.04 LTS precise
Fixed 304.88-0ubuntu0.0.1
11.10 oneiric Ignored end of life
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release
nvidia-settings 13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy
Not affected
nvidia-settings-updates 13.04 raring
Not affected
12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

Notes

mdeslaur

upstream advisory says vulnerability is present since 195.22 fixed in 304.88, 310.44, 313.30 We aren’t going to fix the experimental drivers. Users of the experimental drivers for who this issue is important are recommended to switch to production drivers. Doesn’t actually affected nvidia-settings and nvidia-settings-updates. Updates are simply required for compatibility reasons.

jdstrand

no updates from NVIDIA for 195.36 (Ubuntu 10.04 LTS), 280.13 and 295.20 (Ubuntu 11.10) as of 2013-04-19

References

Related Ubuntu Security Notices (USN)

    • USN-1799-1
    • NVIDIA graphics drivers vulnerability
    • 10 April 2013

Other references