Your submission was sent successfully! Close

USN-377-1: NVIDIA vulnerability

4 November 2006

NVIDIA vulnerability

Releases

Details

Derek Abdine discovered that the NVIDIA Xorg driver did not correctly
verify the size of buffers used to render text glyphs. When displaying
very long strings of text, the Xorg server would crash. If a user were
tricked into viewing a specially crafted series of glyphs, this flaw
could be exploited to run arbitrary code with root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.10
  • nvidia-glx - 2.6.17.6-1
Ubuntu 6.06
  • nvidia-glx - 2.6.15.12-1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

References