drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in NVIDIA graphics drivers
Name: |
Zwei Probleme in NVIDIA graphics drivers |
|
ID: |
USN-3122-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS |
|
Datum: |
Do, 3. November 2016, 22:31 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7382
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.16.04.2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7389
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.14.04.2
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.12.04.1 |
|
Applikationen: |
nVidia XFree86/X.org Drivers |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1103555761250801851== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="D253N1wCrxNHI29bxswGa3MQdFCT7qxPp"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --D253N1wCrxNHI29bxswGa3MQdFCT7qxPp Content-Type: multipart/mixed; boundary="WD46nTrMHkrh46JOav652qqnk6jstgx5H" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <589ed950-2dd9-b93f-c210-58b46493f2cc@canonical.com> Subject: [USN-3122-1] NVIDIA graphics drivers vulnerabilities
--WD46nTrMHkrh46JOav652qqnk6jstgx5H Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3122-1 November 03, 2016
nvidia-graphics-drivers-304, nvidia-graphics-drivers-340, nvidia-graphics-drivers-367 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
NVIDIA graphics drivers could be made to run programs as an administrator.
Software Description: - nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-367: NVIDIA binary X.Org driver
Details:
It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: nvidia-304 304.132-0ubuntu0.16.04.2 nvidia-304-updates 304.132-0ubuntu0.16.04.2 nvidia-331 340.98-0ubuntu0.16.04.1 nvidia-331-updates 340.98-0ubuntu0.16.04.1 nvidia-340 340.98-0ubuntu0.16.04.1 nvidia-340-updates 340.98-0ubuntu0.16.04.1 nvidia-361 367.57-0ubuntu0.16.04.1 nvidia-367 367.57-0ubuntu0.16.04.1 nvidia-current 304.132-0ubuntu0.16.04.2
Ubuntu 14.04 LTS: nvidia-304 304.132-0ubuntu0.14.04.2 nvidia-304-updates 304.132-0ubuntu0.14.04.2 nvidia-331 340.98-0ubuntu0.14.04.1 nvidia-331-updates 340.98-0ubuntu0.14.04.1 nvidia-340 340.98-0ubuntu0.14.04.1 nvidia-340-updates 340.98-0ubuntu0.14.04.1 nvidia-352 367.57-0ubuntu0.14.04.1 nvidia-352-updates 367.57-0ubuntu0.14.04.1 nvidia-367 367.57-0ubuntu0.14.04.1 nvidia-current 304.132-0ubuntu0.14.04.2
Ubuntu 12.04 LTS: nvidia-304 304.132-0ubuntu0.12.04.1 nvidia-304-updates 304.132-0ubuntu0.12.04.1 nvidia-331 340.98-0ubuntu0.12.04.1 nvidia-331-updates 340.98-0ubuntu0.12.04.1 nvidia-340 340.98-0ubuntu0.12.04.1 nvidia-340-updates 340.98-0ubuntu0.12.04.1 nvidia-current 304.132-0ubuntu0.12.04.1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3122-1 CVE-2016-7382, CVE-2016-7389
Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.16.04.2
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.14.04.2
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.12.04.1
--WD46nTrMHkrh46JOav652qqnk6jstgx5H--
--D253N1wCrxNHI29bxswGa3MQdFCT7qxPp Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJYG13qAAoJEGVp2FWnRL6TvdkP/ioGZ0CcpbPsnnQvPvgAT0ET /ub7g9a4IoBjdqxNgS85Ua6uBj9tJAFrqjPlfAjtN426LH2wY+6dtGaj0qQ4NEM8 nsjg+e+YTAiYdkQ1BVwb3PE2XzQtakZrVpHi4XbhUXy2rhmhezEh3ut3MPYAfXDY QilbDgZ1niF0NtOTuH1enbmCpUrhloSv8Bq+RDYzMtBjvIbstAitqc9EL95hdh7P PaaO74pAYyFGM+t/OS9yrIOueveSnKNTwWJkCLSNbDEVceuzKuAvJ3DFMu0tOv/t Brr5ZTtX0Q/FG1oP0xwqWc5f0ucg86Wrr+mONSjmB9A8ComUke9oAAuE8GusTaOT 5b5HMsibL5aa9ikSjeh38AbCcBPnxUyX1SkYtg68pBFm5BppdY9S2HjCM8ORA7sB 8gj2V9tJFvrdgsVtWuacXkw221bzYc5vT5+R9MVqU8kqYPiO/11fw7bM7YIx9Mff CxQuysz9VIx++sbXO4qv4LjWvdxNJaDkSV6PFz4UsvTw92heq+t9lXFm+x6TVJpP 5aPPayPB+anoKHin53Z7vaz0fwiz3vY4k5RoaKp7h2OaSXCHHJbmqAfhGBQfqX2e Bd4WfI4Q0NRNsFyNJ3SPdn0MMPIrz0oFrr9pXF3StXhdEjKRqlx7GItK2TsJ7xmA el0Q25FXbmgONmVvlSaW =JvHH -----END PGP SIGNATURE-----
--D253N1wCrxNHI29bxswGa3MQdFCT7qxPp--
--===============1103555761250801851== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1103555761250801851==--
|
|
|
|