drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in nvidia-graphics-drivers
Name: |
Ausführen beliebiger Kommandos in nvidia-graphics-drivers |
|
ID: |
USN-1523-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Mo, 6. August 2012, 21:05 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
nVidia XFree86/X.org Drivers |
|
Originalnachricht |
--===============2188126469772778757== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-/Kv42fSW8ak1D69sxAQ2"
--=-/Kv42fSW8ak1D69sxAQ2 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1523-1 August 06, 2012
nvidia-graphics-drivers, nvidia-graphics-drivers-173, nvidia-graphics-drivers-173-updates, nvidia-graphics-drivers-updates vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS
Summary:
NVIDIA graphics drivers could be made to run programs as an administrator.
Software Description: - nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver
Details:
It was discovered that the NVIDIA graphics drivers could be reconfigured to gain access to arbitrary system memory. A local attacker could use this issue to gain root privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: nvidia-173 173.14.35-0ubuntu0.2 nvidia-173-updates 173.14.35-0ubuntu0.2 nvidia-current 295.40-0ubuntu1.1 nvidia-current-updates 295.49-0ubuntu0.2
Ubuntu 11.10: nvidia-173 173.14.30-0ubuntu8.2 nvidia-173-updates 173.14.30-0ubuntu5.2 nvidia-current 280.13-0ubuntu6.2 nvidia-current-updates 295.20-0ubuntu0.4
Ubuntu 11.04: nvidia-173 173.14.30-0ubuntu1.2 nvidia-current 270.41.06-0ubuntu1.2
Ubuntu 10.04 LTS: nvidia-173 173.14.22-0ubuntu11.2 nvidia-current 195.36.24-0ubuntu1~10.04.3
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1523-1 https://launchpad.net/bugs/1033452
Package Information: https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/295.40-0ubuntu1.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.35-0ubuntu0.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173-updates/173.14.35-0ubuntu0.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/295.49-0ubuntu0.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/280.13-0ubuntu6.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu8.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173-updates/173.14.30-0ubuntu5.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/295.20-0ubuntu0.4 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/270.41.06-0ubuntu1.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu1.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/195.36.24-0ubuntu1~10.04.3 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.22-0ubuntu11.2
--ßKv42fSW8ak1D69sxAQ2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQH8lJAAoJEGVp2FWnRL6TBF8P/jDDtAM02sohmQzb+YdwTpDI Yyu35VlHRKdowQrWBE2AaEtMir7Trqnf2+aWPp4LS8gr5Jf7sEzYN4nyFQvponM4 0nPN/YhUP+4bci7kJNNlggA3duXbpIh61+YW1xGzXQDSoARp9AWIH9GMc15Uwbkc r+e7vFLcrZDPAa6D82BdvwyjG73WPRf8epZoUIADFDe6kbpiJfFeVcZ3IM5+aRVC stNe1dUpa9eTIFrwFyCr7lVU6CX4T5KXi7bTP3VGCNMlqeGtghOiKU909bGXDesD ba3lL227QJvL+DbzOUusvjS3PvetrB3nhsbYjVHCBTPyNrGgDPI5RDBrUP3LWicO /IPG+GJfnVgVsSFAiqA9zud9+DAdxXpfZfqj5upJi6yzRUf2C2Lwgno/f8nxDnC6 L5fnUcN3HsJfcpfpIhw5nQnTinvLcd0sZ1MLFxu/hSWsm3pfm6O4g17GuQS8ojHZ j8nCo9HxpxSfPG0lF1qxprdfA1uHteZMw+deO6XhyUM9j/ikeQ95szmxfHnsI/WZ gOjNR58xT9HdE9DyIfZg+X6X5b8zHKlF0wbU8HS4gjFfZtSQdpjAqXr2LqdUySWJ Il7yVRsuO/gvF0ELYyrKQKroiFfIkxOGFIVkw2GUvzfhcBIJbXtdsz4rj/zqh1gD esBcHGNvNywfmQ/21vK/ =/7Vy -----END PGP SIGNATURE-----
--=-/Kv42fSW8ak1D69sxAQ2--
--===============2188126469772778757== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============2188126469772778757==--
|
|
|
|