- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3122-1
November 03, 2016
nvidia-graphics-drivers-304, nvidia-graphics-drivers-340,
nvidia-graphics-drivers-367 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
NVIDIA graphics drivers could be made to run programs as an administrator.
Software Description:
– nvidia-graphics-drivers-304: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-340: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-367: NVIDIA binary X.Org driver
Details:
It was discovered that the NVIDIA graphics drivers incorrectly sanitized
user mode inputs. A local attacker could use this issue to possibly gain
root privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
nvidia-304 304.132-0ubuntu0.16.04.2
nvidia-304-updates 304.132-0ubuntu0.16.04.2
nvidia-331 340.98-0ubuntu0.16.04.1
nvidia-331-updates 340.98-0ubuntu0.16.04.1
nvidia-340 340.98-0ubuntu0.16.04.1
nvidia-340-updates 340.98-0ubuntu0.16.04.1
nvidia-361 367.57-0ubuntu0.16.04.1
nvidia-367 367.57-0ubuntu0.16.04.1
nvidia-current 304.132-0ubuntu0.16.04.2
Ubuntu 14.04 LTS:
nvidia-304 304.132-0ubuntu0.14.04.2
nvidia-304-updates 304.132-0ubuntu0.14.04.2
nvidia-331 340.98-0ubuntu0.14.04.1
nvidia-331-updates 340.98-0ubuntu0.14.04.1
nvidia-340 340.98-0ubuntu0.14.04.1
nvidia-340-updates 340.98-0ubuntu0.14.04.1
nvidia-352 367.57-0ubuntu0.14.04.1
nvidia-352-updates 367.57-0ubuntu0.14.04.1
nvidia-367 367.57-0ubuntu0.14.04.1
nvidia-current 304.132-0ubuntu0.14.04.2
Ubuntu 12.04 LTS:
nvidia-304 304.132-0ubuntu0.12.04.1
nvidia-304-updates 304.132-0ubuntu0.12.04.1
nvidia-331 340.98-0ubuntu0.12.04.1
nvidia-331-updates 340.98-0ubuntu0.12.04.1
nvidia-340 340.98-0ubuntu0.12.04.1
nvidia-340-updates 340.98-0ubuntu0.12.04.1
nvidia-current 304.132-0ubuntu0.12.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3122-1
CVE-2016-7382, CVE-2016-7389
Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.16.04.2
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.14.04.2
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.12.04.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJYG13qAAoJEGVp2FWnRL6TvdkP/ioGZ0CcpbPsnnQvPvgAT0ET
/ub7g9a4IoBjdqxNgS85Ua6uBj9tJAFrqjPlfAjtN426LH2wY+6dtGaj0qQ4NEM8
nsjg+e+YTAiYdkQ1BVwb3PE2XzQtakZrVpHi4XbhUXy2rhmhezEh3ut3MPYAfXDY
QilbDgZ1niF0NtOTuH1enbmCpUrhloSv8Bq+RDYzMtBjvIbstAitqc9EL95hdh7P
PaaO74pAYyFGM+t/OS9yrIOueveSnKNTwWJkCLSNbDEVceuzKuAvJ3DFMu0tOv/t
Brr5ZTtX0Q/FG1oP0xwqWc5f0ucg86Wrr+mONSjmB9A8ComUke9oAAuE8GusTaOT
5b5HMsibL5aa9ikSjeh38AbCcBPnxUyX1SkYtg68pBFm5BppdY9S2HjCM8ORA7sB
8gj2V9tJFvrdgsVtWuacXkw221bzYc5vT5+R9MVqU8kqYPiO/11fw7bM7YIx9Mff
CxQuysz9VIx++sbXO4qv4LjWvdxNJaDkSV6PFz4UsvTw92heq+t9lXFm+x6TVJpP
5aPPayPB+anoKHin53Z7vaz0fwiz3vY4k5RoaKp7h2OaSXCHHJbmqAfhGBQfqX2e
Bd4WfI4Q0NRNsFyNJ3SPdn0MMPIrz0oFrr9pXF3StXhdEjKRqlx7GItK2TsJ7xmA
el0Q25FXbmgONmVvlSaW
=JvHH
—–END PGP SIGNATURE—–
—
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2016-11-0069-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
