Bug#913467: nvidia-graphics-drivers: CVE‑2018‑6260: access to application data processed on the GPU through a side channel exposed by the GPU performance counters

Luca Boccassi bluca at debian.org
Sun Nov 11 12:54:31 GMT 2018


Source: nvidia-graphics-drivers
Version: 390.87
Severity: serious
Tags: security upstream

https://nvidia.custhelp.com/app/answers/detail/a_id/4738

"NVIDIA graphics driver contains a vulnerability that may allow access
to application data processed on the GPU through a side channel exposed
by the GPU performance counters. Local user access is required. This is
not a network or remote attack vector."

Details are still scarce at this point, the affected platforms and
versions are not yet known so I've just pointed it to the version in
unstable for now.

-- 
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-nvidia-devel/attachments/20181111/08f67cb5/attachment.sig>


More information about the pkg-nvidia-devel mailing list