Sicherheit: Zwei Probleme in NVIDIA graphics drivers

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8022740594209890730==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5
Content-Type: multipart/mixed;
boundary="Vrctw10Cyj0QJg23K8izWrJklxnJsOARf";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <5ba2e8b7-10e8-79ba-1c01-96f50237a0bb@canonical.com>
Subject: [USN-3662-1] NVIDIA graphics drivers vulnerabilities

--Vrctw10Cyj0QJg23K8izWrJklxnJsOARf
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3662-1
May 29, 2018

nvidia-graphics-drivers-384 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

NVIDIA graphics drivers could be made to crash or run programs as an
administrator.

Software Description:
- nvidia-graphics-drivers-384: NVIDIA binary X.Org driver

Details:

It was discovered that the NVIDIA graphics drivers contained flaws in the
kernel mode layer. A local attacker could use these issues to cause a
denial of service or potentially escalate their privileges on the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
nvidia-384 384.130-0ubuntu0.17.10.1

Ubuntu 16.04 LTS:
nvidia-384 384.130-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
nvidia-384 384.130-0ubuntu0.14.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3662-1
CVE-2018-6249, CVE-2018-6253

Package Information:

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-0ubuntu0.17.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-0ubuntu0.16.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-0ubuntu0.14.04.1

--Vrctw10Cyj0QJg23K8izWrJklxnJsOARf--

--Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlsNq1cACgkQZWnYVadE
vpNHGA//WwmVdQCzM2ACQutQaxrFHvvYgLRq+aTiG7a65VPbAk1ee9hhbJIfb4GM
0gQixm2uBnM9ZieOiehO0+Y3sHCQOHBWzaZcQK/ErZTPgg3UTiqBJ+9P/JWrTp5p
/ZYzheuCS5rnZyFgvunTixAlWq+MBFHmOzAi0uKV39PbGuw6k1pj6FHtqf9Zeaea
IKU4IPDNsna6pLezcvWutXmHlKw5Ts55Dms5ydC2r/RDopD7updi/i0jouldfYPX
UdX30k7QEpC43wyXwuBc8fEafudgOgq44JzrWD4odB03+6ge1sGmcQYpFiCjR2CN
aErx+nCZadHbS/I5b9m52klmiwB8z9C5bNYvvSvZ98pK5KbgxoeeEp7PxgFDe6HZ
YzVpG3QTm7QqmnSNa9B//FFhpnbFXmAXSYHVt7ToUKVRt8/7qrOyJaDnvDJPBu7w
qnkqAlU0BkGTWBKO8ASO2Fhx1CysToKRNP/wzgy6Fi3+aus5AO2LXgzQ2Tp3XwFn
/pflqDyGb9I54tdkx3UstNX8rfMvbg4wm4TqJ+Wt9z1/i5XTUD6vBXhKHIxaUIcU
I4frSdCB5SIpUHS145yJWQAjhI4jA+7U1OQDmz3QU9LOslJoCLhkfMLnBo1UCIdv
no5rynuCBGRDLwIXxLL00cCokN3ZuSpU5J/CErqlxs1y6zlgXrs=
=rcgQ
-----END PGP SIGNATURE-----

--Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5--

--===============8022740594209890730==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============8022740594209890730==--