Login
Newsletter
Werbung
Sicherheit: Ausführen beliebiger Kommandos in nvidia-graphics-drivers
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in nvidia-graphics-drivers
ID: USN-1523-1
Distribution: Ubuntu
Plattformen: Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10, Ubuntu 12.04 LTS
Datum: Mo, 6. August 2012, 21:05
Referenzen: Keine Angabe
Applikationen: nVidia XFree86/X.org Drivers

Originalnachricht

 

--===============2188126469772778757==
Content-Type: multipart/signed; micalg="pgp-sha512";
	protocol="application/pgp-signature";
 boundary="=-/Kv42fSW8ak1D69sxAQ2"


--=-/Kv42fSW8ak1D69sxAQ2
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1523-1
August 06, 2012

nvidia-graphics-drivers, nvidia-graphics-drivers-173,
 nvidia-graphics-drivers-173-updates, nvidia-graphics-drivers-updates vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS

Summary:

NVIDIA graphics drivers could be made to run programs as an administrator.

Software Description:
- nvidia-graphics-drivers: NVIDIA binary Xorg driver
- nvidia-graphics-drivers-173: NVIDIA binary Xorg driver
- nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver
- nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver

Details:

It was discovered that the NVIDIA graphics drivers could be reconfigured to
gain access to arbitrary system memory. A local attacker could use this
issue to gain root privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  nvidia-173                      173.14.35-0ubuntu0.2
  nvidia-173-updates              173.14.35-0ubuntu0.2
  nvidia-current                  295.40-0ubuntu1.1
  nvidia-current-updates          295.49-0ubuntu0.2

Ubuntu 11.10:
  nvidia-173                      173.14.30-0ubuntu8.2
  nvidia-173-updates              173.14.30-0ubuntu5.2
  nvidia-current                  280.13-0ubuntu6.2
  nvidia-current-updates          295.20-0ubuntu0.4

Ubuntu 11.04:
  nvidia-173                      173.14.30-0ubuntu1.2
  nvidia-current                  270.41.06-0ubuntu1.2

Ubuntu 10.04 LTS:
  nvidia-173                      173.14.22-0ubuntu11.2
  nvidia-current                  195.36.24-0ubuntu1~10.04.3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1523-1
  https://launchpad.net/bugs/1033452

Package Information:
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/295.40-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.35-0ubuntu0.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173-updates/173.14.35-0ubuntu0.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/295.49-0ubuntu0.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/280.13-0ubuntu6.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu8.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173-updates/173.14.30-0ubuntu5.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/295.20-0ubuntu0.4
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/270.41.06-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/195.36.24-0ubuntu1~10.04.3
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.22-0ubuntu11.2



--ßKv42fSW8ak1D69sxAQ2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJQH8lJAAoJEGVp2FWnRL6TBF8P/jDDtAM02sohmQzb+YdwTpDI
Yyu35VlHRKdowQrWBE2AaEtMir7Trqnf2+aWPp4LS8gr5Jf7sEzYN4nyFQvponM4
0nPN/YhUP+4bci7kJNNlggA3duXbpIh61+YW1xGzXQDSoARp9AWIH9GMc15Uwbkc
r+e7vFLcrZDPAa6D82BdvwyjG73WPRf8epZoUIADFDe6kbpiJfFeVcZ3IM5+aRVC
stNe1dUpa9eTIFrwFyCr7lVU6CX4T5KXi7bTP3VGCNMlqeGtghOiKU909bGXDesD
ba3lL227QJvL+DbzOUusvjS3PvetrB3nhsbYjVHCBTPyNrGgDPI5RDBrUP3LWicO
/IPG+GJfnVgVsSFAiqA9zud9+DAdxXpfZfqj5upJi6yzRUf2C2Lwgno/f8nxDnC6
L5fnUcN3HsJfcpfpIhw5nQnTinvLcd0sZ1MLFxu/hSWsm3pfm6O4g17GuQS8ojHZ
j8nCo9HxpxSfPG0lF1qxprdfA1uHteZMw+deO6XhyUM9j/ikeQ95szmxfHnsI/WZ
gOjNR58xT9HdE9DyIfZg+X6X5b8zHKlF0wbU8HS4gjFfZtSQdpjAqXr2LqdUySWJ
Il7yVRsuO/gvF0ELYyrKQKroiFfIkxOGFIVkw2GUvzfhcBIJbXtdsz4rj/zqh1gD
esBcHGNvNywfmQ/21vK/
=/7Vy
-----END PGP SIGNATURE-----

--=-/Kv42fSW8ak1D69sxAQ2--



--===============2188126469772778757==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============2188126469772778757==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung