Bug#855277: nvidia-graphics-drivers: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318

Andreas Beckmann anbe at debian.org
Thu Feb 16 10:50:27 UTC 2017


Source: nvidia-graphics-drivers
Version: 343.22-1
Severity: serious
Tags: security
Control: found -1 1.0.4363-1
Control: found -1 310.14-1
Control: clone -1 -2 -3
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
Control: reassign -3 src:nvidia-graphics-drivers-legacy-304xx 304.108-2
Control: retitle -3 nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318

http://nvidia.custhelp.com/app/answers/detail/a_id/4398

CVE-2017-0309

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where multiple integer overflows may cause improper memory
allocation, which may lead to a denial of service or potential
escalation of privileges.

CVE-2017-0310

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access controls allow an unprivileged user
to cause a denial of service.

CVE-2017-0311

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access control may lead to a denial of
service or possible escalation of privileges.

CVE-2017-0321

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where a NULL pointer dereference caused by invalid user
input may lead to a denial of service or potential escalation of
privileges.

CVE-2017-0318

NVIDIA Linux GPU Display Driver contains a vulnerability in the kernel
mode layer handler where improper validation of an input parameter may
cause a denial of service on the system.


Andreas



More information about the pkg-nvidia-devel mailing list