Bugtraq mailing list archives

[ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability

From: Raphael Marichez <falco () gentoo org>
Date: Tue, 7 Nov 2006 23:24:18 +0100

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200611-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: NVIDIA binary graphics driver: Privilege escalation
            vulnerability
      Date: November 07, 2006
      Bugs: #151635
        ID: 200611-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The NVIDIA binary graphics driver is vulnerable to a local privilege
escalation through an X session.

Background
==========

The NVIDIA binary graphics driver from NVIDIA Corporation provides the
kernel module and the GL modules for graphic acceleration on the NVIDIA
based graphic cards.

Affected packages
=================

    -------------------------------------------------------------------
     Package                     /  Vulnerable  /           Unaffected
    -------------------------------------------------------------------
  1  x11-drivers/nvidia-drivers     < 1.0.8776             >= 1.0.8776
                                                            < 1.0-8762

Description
===========

Rapid7 reported a boundary error in the NVIDIA binary graphics driver
that leads to a buffer overflow in the accelerated rendering
functionality.

Impact
======

An X client could trigger the buffer overflow with a maliciously
crafted series of glyphs. A remote attacker could also entice a user to
open a specially crafted web page, document or X client that will
trigger the buffer overflow. This could result in the execution of
arbitrary code with root privileges or at least in the crash of the X
server.

Workaround
==========

Disable the accelerated rendering functionality in the Device section
of xorg.conf :
    Option      "RenderAccel" "false"

Resolution
==========

NVIDIA binary graphics driver users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=x11-drivers/nvidia-drivers-1.0.8776"

References
==========

  [ 1 ] CVE-2006-5379
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5379

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200611-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security () gentoo org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Attachment: _bin
Description:

Current thread:

[ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Raphael Marichez (Nov 07)
- Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Nick Boyce (Nov 13)
  - Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Raphael Marichez (Nov 13)
    - Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Nick FitzGerald (Nov 14)
  - Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability Glynn Clements (Nov 14)