USN-2438-1: NVIDIA graphics drivers vulnerabilities
10 December 2014
Several security issues were fixed in the NVIDIA graphics drivers.
Releases
Packages
- nvidia-graphics-drivers-304 - NVIDIA binary Xorg driver
- nvidia-graphics-drivers-304-updates - NVIDIA binary Xorg driver
- nvidia-graphics-drivers-331 - NVIDIA binary Xorg driver
- nvidia-graphics-drivers-331-updates - NVIDIA binary Xorg driver
Details
It was discovered that the NVIDIA graphics drivers incorrectly handled GLX
indirect rendering support. An attacker able to connect to an X server,
either locally or remotely, could use these issues to cause the X server to
crash or execute arbitrary code resulting in possible privilege escalation.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10
-
nvidia-304
-
304.125-0ubuntu0.1
-
nvidia-304-updates
-
304.125-0ubuntu0.1
-
nvidia-331
-
331.113-0ubuntu0.1
-
nvidia-331-updates
-
331.113-0ubuntu0.1
Ubuntu 14.04
-
nvidia-304
-
304.125-0ubuntu0.0.1
-
nvidia-304-updates
-
304.125-0ubuntu0.0.1
-
nvidia-331
-
331.113-0ubuntu0.0.4
-
nvidia-331-updates
-
331.113-0ubuntu0.0.4
Ubuntu 12.04
-
nvidia-304
-
304.125-0ubuntu0.0.0.1
-
nvidia-304-updates
-
304.125-0ubuntu0.0.0.1
-
nvidia-331
-
331.113-0ubuntu0.0.0.3
-
nvidia-331-updates
-
331.113-0ubuntu0.0.0.3
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-2436-1: xserver-xephyr, xserver-xorg-xmir, xserver-xorg-core-udeb, xdmx-tools, xdmx, xorg-server-lts-trusty, xorg-server, xserver-xorg-core, xserver-common, xserver-xorg-core-lts-trusty, xserver-xorg-dev, xnest, xorg-server-source, xvfb