[Fwd: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (with exploit)]
Andy Ritger
aritger at nvidia.com
Thu Oct 19 10:34:56 PDT 2006
Greetings,
To help clarify any misunderstandings about this security issue, NVIDIA
has posted an article in our online knowledge base:
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
Also, an updated driver from our stable Release 85 series has been
released today that includes a fix for the security issue:
http://www.nvidia.com/object/linux_display_ia32_1.0-8776.html
http://www.nvidia.com/object/linux_display_amd64_1.0-8776.html
http://www.nvidia.com/object/freebsd_1.0-8776.html
http://www.nvidia.com/object/solaris_display_1.0-8776.html
Thank you,
Andy Ritger
Manager, NVIDIA UNIX Graphics Driver
NVIDIA Corporation
On Tue, 17 Oct 2006, Rene Rebe wrote:
> On Tuesday 17 October 2006 12:23, Hanno Böck wrote:
>> Am Montag, 16. Oktober 2006 23:59 schrieb Lonni J Friedman:
>>> Please note that this exploit is already fixed/resolved in the
>>> 1.0-9625 beta driver:
>>> http://www.nzone.com/object/nzone_downloads_rel70b etadriver.html
>>
>> Then let me ask why
>> - this isn't mentioned in the changelog (at least I couldn't find it)
>> - nvidia hasn't published a security-advisory
>> - nvidia has knowingly continued to provide it's "stable"-drivers with the
>> possibility to exploit for weeks.
> years
>
> --
> René Rebe - ExactCODE - Berlin (Europe / Germany)
> http://exactcode.de | http://t2-project.org | http://rene.rebe.name
> +49 (0)30 / 255 897 45
> _______________________________________________
> xorg mailing list
> xorg at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/xorg
>
More information about the xorg
mailing list