Bug#855279: nvidia-graphics-drivers: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318

Luca Boccassi luca.boccassi at gmail.com
Thu Feb 16 11:06:18 UTC 2017


On Thu, 16 Feb 2017 11:50:27 +0100 Andreas Beckmann <anbe at debian.org> wrote:
> Source: nvidia-graphics-drivers
> Version: 343.22-1
> Severity: serious
> Tags: security
> Control: found -1 1.0.4363-1
> Control: found -1 310.14-1
> Control: clone -1 -2 -3
> Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
> Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
> Control: reassign -3 src:nvidia-graphics-drivers-legacy-304xx 304.108-2
> Control: retitle -3 nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
> 
> http://nvidia.custhelp.com/app/answers/detail/a_id/4398
> 
> CVE-2017-0309
> 
> NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
> layer handler where multiple integer overflows may cause improper memory
> allocation, which may lead to a denial of service or potential
> escalation of privileges.
> 
> CVE-2017-0310
> 
> NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
> layer handler where improper access controls allow an unprivileged user
> to cause a denial of service.
> 
> CVE-2017-0311
> 
> NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
> layer handler where improper access control may lead to a denial of
> service or possible escalation of privileges.
> 
> CVE-2017-0321
> 
> NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
> layer handler where a NULL pointer dereference caused by invalid user
> input may lead to a denial of service or potential escalation of
> privileges.
> 
> CVE-2017-0318
> 
> NVIDIA Linux GPU Display Driver contains a vulnerability in the kernel
> mode layer handler where improper validation of an input parameter may
> cause a denial of service on the system.
> 
> 
> Andreas

It did look very suspicious that they released all those new versions
all at the same time, and with a one-line changelog for 340.xx and
304.xx... Now I see why!

I assume we'll get an exception for Stretch, but I'd still like to keep
the new patches to support kernel 4.10, do you think that's all right?

Work on 304 and 340 is done in the respective branches (haven't run 340
yet, just tested module builds). I'll finish working on 375 tonight and
give both a spin.

Kind regards,
Luca Boccassi