4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
24.9%
The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary
memory locations by leveraging GPU device-node read/write privileges.
Author | Note |
---|---|
mdeslaur | driver 96 is for older cards which aren’t vulnerable to the issue |
jdstrand | -173 is currently not installable or usable on 12.04 LTS. Nvidia is planning a driver update for this series, which will include the fix for this issue tseliot is working on the updates for 12.04 LTS |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | nvidia-graphics-drivers | < 195.36.24-0ubuntu1~10.04.2 | UNKNOWN |
ubuntu | 11.04 | noarch | nvidia-graphics-drivers | < 270.41.06-0ubuntu1.1 | UNKNOWN |
ubuntu | 11.10 | noarch | nvidia-graphics-drivers | < 280.13-0ubuntu6.1 | UNKNOWN |
ubuntu | 10.04 | noarch | nvidia-graphics-drivers-173 | < 173.14.22-0ubuntu11.1 | UNKNOWN |
ubuntu | 11.04 | noarch | nvidia-graphics-drivers-173 | < 173.14.30-0ubuntu1.1 | UNKNOWN |
ubuntu | 11.10 | noarch | nvidia-graphics-drivers-173 | < 173.14.30-0ubuntu8.1 | UNKNOWN |
ubuntu | 11.10 | noarch | nvidia-graphics-drivers-173-updates | < 173.14.30-0ubuntu5.1 | UNKNOWN |
ubuntu | 11.10 | noarch | nvidia-graphics-drivers-updates | < 280.13-0ubuntu5.1 | UNKNOWN |