A NVIDIA drivers bug allows unprivileged user-mode software to access the GPU inappropriately, allowing for privilege escalation.
Package | x11-drivers/nvidia-drivers on all architectures |
---|---|
Affected versions | < 331.20 |
Unaffected versions | >= 331.20 revision >= 319.76 revision >= 304.116 revision >= 304.119 revision >= 304.121 |
The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic boards.
The vulnerability is caused due to the driver allowing unprivileged user-mode software to access the GPU.
A local attacker could gain escalated privileges.
There is no known workaround at this time.
All NVIDIA Drivers users using the 331 branch should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-drivers/nvidia-drivers-331.20"
All NVIDIA Drivers users using the 319 branch should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-drivers/nvidia-drivers-319.76"
All NVIDIA Drivers users using the 304 branch should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=x11-drivers/nvidia-drivers-304.116"
Release date
February 02, 2014
Latest revision
March 13, 2014: 3
Severity
high
Exploitable
local
Bugzilla entries