Author Topic: Security vulnerability in old NVIDIA UNIX drivers, fixed in 295.40  (Read 4095 times)

0 Members and 1 Guest are viewing this topic.

Stefan

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4447
Security vulnerability CVE-2012-0946 in the NVIDIA UNIX driver was disclosed to NVIDIA on March 20th, 2012. The vulnerability makes it possible for an attacker who has read and write access to the GPU device nodes to reconfigure GPUs to gain access to arbitrary system memory. NVIDIA is not aware of any reports of this vulnerability, outside of the disclosure which was made privately to NVIDIA.

The default file permissions on the GPU device nodes grant read and write access to all users. The permissions are configurable, but even on systems where the device node permissions are restricted, read and write access must be granted to any users who need to run applications that perform GLX direct rendering, or use the GPU to run computations through APIs like CUDA or OpenCL. Because any user with read and write access to the GPU device nodes could potentially exploit this vulnerability to gain access to system memory that would normally be inaccessible to that user, this vulnerability has been classified as high risk by NVIDIA.

NVIDIA has identified the root cause of the vulnerability and has released updated drivers which close it. The 295.40 driver for Linux, Solaris, and FreeBSD contains the fix for this issue, and we encourage all users with Geforce 8 or newer, G80 Quadro or newer, and all Tesla GPUs to update their drivers to one of these versions. Additionally, a patch to the kernel interface layer of the NVIDIA Linux kernel module is available, which can be used to patch older drivers, if necessary. The patch and instructions on how to apply it are available at ftp://download.nvidia.com/XFree86/patches/security/CVE-2012-0946. Driver 295.40 already has the patch applied: if it is installed, then no further action is necessary.

The Linux CUDA debugger will no longer work after applying the security patch. An updated CUDA library is required in order to use the CUDA debugger with a driver which has had this vulnerability closed. The CUDA library distributed with 295.40 contains the changes necessary for proper operation of the CUDA debugger.

NVIDIA provides a technical contact to security firms to inform us of potential security issues. We encourage anyone that has identified what they believe to be a security issue with an NVIDIA driver to directly contact our UNIX Graphics Driver security email alias, unix-security@nvidia.com, to report and evaluate any potential issues prior to publishing a public security advisory.

NVIDIA is committed to providing robust, secure graphics drivers for Linux, Solaris, and FreeBSD. We encourage anyone encountering issues with our driver to work with us through thehttp://www.nvnews.net forums to help us collect the information needed to investigate and resolve issues in our driver.

We look forward to continuing to work with the professional security community to make our driver more robust and secure.