CUDA drivers/Linux security hole

[gran () classic chem msu su]

Hello,

We have recently found serious security breach in CUDA Linux drivers:

http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm

http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm

In brief, driver maps pinned memory to user space but does not initialize it to zero. As an example, our simplest 
"proof of concept" program was able to read large fragments of files being written or read by other users.  

Kind regards,
Alex Granovsky

Firefly Project
http://classic.chem.msu.su/gran/firefly/