drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in NVIDIA graphics drivers
Name: |
Preisgabe von Informationen in NVIDIA graphics drivers |
|
ID: |
USN-3521-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04, Ubuntu 17.10 |
|
Datum: |
Di, 9. Januar 2018, 18:37 |
|
Referenzen: |
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.16.04.1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.17.04.1 |
|
Applikationen: |
nVidia XFree86/X.org Drivers |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6608719487082587139== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="l5KRGvrnKFRSwNeLu4sH1cmIHshB32BDw"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --l5KRGvrnKFRSwNeLu4sH1cmIHshB32BDw Content-Type: multipart/mixed; boundary="36Dea05qdsNHL8GhQdfBPAt7mjDdvpIgu"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <efec03ae-e63c-815e-3e7c-dc9c6fe456a4@canonical.com> Subject: [USN-3521-1] NVIDIA graphics drivers vulnerability
--36Dea05qdsNHL8GhQdfBPAt7mjDdvpIgu Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3521-1 January 09, 2018
nvidia-graphics-drivers-384 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10 - Ubuntu 17.04 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
The system could be made to expose sensitive information.
Software Description: - nvidia-graphics-drivers-384: NVIDIA binary X.Org driver
Details:
Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.
This update provides mitigations to address the issue, along with compatibility fixes for the corresponding Linux kernel updates.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: nvidia-384 384.111-0ubuntu0.17.10.1
Ubuntu 17.04: nvidia-384 384.111-0ubuntu0.17.04.1
Ubuntu 16.04 LTS: nvidia-384 384.111-0ubuntu0.16.04.1
Ubuntu 14.04 LTS: nvidia-384 384.111-0ubuntu0.14.04.1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3521-1 CVE-2017-5753
Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.111-0ubuntu0.14.04.1
--36Dea05qdsNHL8GhQdfBPAt7mjDdvpIgu--
--l5KRGvrnKFRSwNeLu4sH1cmIHshB32BDw Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJaVOiFAAoJEGVp2FWnRL6TEfoP/1/Z5X8lorsDt7Xy3hWFIo+p V6CJzLzLY7+QEUj1yJNYKhAhqXMryHN2VFuA726wwK6cLDeywgIA6g9T0Gl27yOZ PtBdi0L7vS1GRXOKzRhewCl38sbNHvFn7Fc7qa5SAIG5ZMC7yVQu0l0BNdATx84E FjJVwzyDVZWKo0dRUaWeG8cfBQP91uw8XWHQ9dl7B13Cc/s64iyTezCRL563dJf8 6C0KLP/uYmkdd8jeWDYbfWvKrb8ubhyv27sPpCqw/nAkJriJW8WWVtEVlf2cVe+K d1sa5Aw0TW4GJMLOZ6N2q4BB4l+T/EAStAkr92023q9NLQkrbqG04/6bN3h7nhWE jRQReAuO8HoRldW9v0sYW1RirWAjnwcf6qEGTqUcouaipsGFlRn+XAvopROXhosM pB0KDLcF31hCdCxWhmmg99a4tYmVqxKrt17wuSt7vy+S+vxe75cVbjZIiPTp5Ib9 UNp23/fwvwTHEWh4FTsorU3XZ3CuPnTUwdGdyn4yhY1nJV5QP9V5qwDIucmcG73t VuhKUgZ4n9y9I5tB8INyBS//F2p5I0ZqYWyUY0yO3QgT9iuD2bKArMeq6csGoqas zDbsFB045voKQMaspQZpmGdhnuTPJEX9woy7E6uy1bvDvxYe51WykkDH4CrAS50h fzrGIzYTsTCZrJh50Gt8 =zqaS -----END PGP SIGNATURE-----
--l5KRGvrnKFRSwNeLu4sH1cmIHshB32BDw--
--===============6608719487082587139== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============6608719487082587139==--
|
|
|
|