drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in nvidia-graphics-drivers
Name: |
Ausführen beliebiger Kommandos in nvidia-graphics-drivers |
|
ID: |
USN-1420-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Mi, 11. April 2012, 17:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0946 |
|
Applikationen: |
nVidia XFree86/X.org Drivers |
|
Originalnachricht |
--===============7619073410535382080== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-0HebLqWEyRdOXMjDi+ST"
--=-0HebLqWEyRdOXMjDi+ST Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1420-1 April 11, 2012
nvidia-graphics-drivers, nvidia-graphics-drivers-173, nvidia-graphics-drivers-173-updates, nvidia-graphics-drivers-updates vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS
Summary:
NVIDIA graphics drivers could be made to run programs as an administrator.
Software Description: - nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver
Details:
It was discovered that the NVIDIA graphics drivers could be reconfigured to gain access to arbitrary system memory. A local attacker could use this issue to possibly gain root privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: nvidia-173 173.14.30-0ubuntu8.1 nvidia-173-updates 173.14.30-0ubuntu5.1 nvidia-current 280.13-0ubuntu6.1 nvidia-current-updates 280.13-0ubuntu5.1
Ubuntu 11.04: nvidia-173 173.14.30-0ubuntu1.1 nvidia-current 270.41.06-0ubuntu1.1
Ubuntu 10.04 LTS: nvidia-173 173.14.22-0ubuntu11.1 nvidia-current 195.36.24-0ubuntu1~10.04.2
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1420-1 CVE-2012-0946
Package Information: https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/280.13-0ubuntu6.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu8.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173-updates/173.14.30-0ubuntu5.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/280.13-0ubuntu5.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/270.41.06-0ubuntu1.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.30-0ubuntu1.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers/195.36.24-0ubuntu1~10.04.2 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-173/173.14.22-0ubuntu11.1
--ÐHebLqWEyRdOXMjDi+ST Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPhZxCAAoJEGVp2FWnRL6TLIAQAIthVVivhxqwv7j1e+7vS51j kxFURUUgpD/WujXQImpHmnU0sqeg3kUi2eKZJpeuyOixblrCXD1CRe9oBmjV9oAL PqLWcr2qw/qRs63zoIk7ER8xulye7vHURejP+ZHMS0inNs0mEo7aohSo0Rycgibr ssicw7duuItxmBjvA2qWT6p2L69IvQH5ZKFAD4yvNzOa6P7/yiepyNacUII/FImc DdbfG9UoDXRH8aVvX/5am7txCABWDyjKlFUUcmRFIssw5KhAxQ16SpOeITwVGUGQ tc0gJ9LZze6AmiVYsgUjGsLRPNyPZB+zkmEB/V/ibIJjszGfElN83zkdd8VChRRO 2Md3XGg8UEsZE3tictfGanem/e+cElkFhvwdVPgdz+J3uJyyBIJg66xJ/eLTZ7OB FUJVhI3W7jPHmaH383SrWLxqA2Wgw8hKObkpUiwu41bjK5xW9g+pmphxgm36BCrC IT2M91z3nkyMGWL8BGRhAksfWg0k4BgpnQCNnBRFbw/yyyFjXEJ92b08SgpmcYOv NfLImbmsvMF7GGFMB7hjPEvWav3iGgQceMyHQ6iSccYawRb4yK+Bzr6QnPD8mQum GeJxBj8UgbvgRISWc/TD+EWZ8Sd03fMHGWmy+KoS7FtjWhpb7+cB6I9FFacJSglc +lLPsTo+YfrM+kw8+HFP =PxN5 -----END PGP SIGNATURE-----
--=-0HebLqWEyRdOXMjDi+ST--
--===============7619073410535382080== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7619073410535382080==--
|
|
|
|