MGASA-2017-0013

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0013.html

Import Source

https://advisories.mageia.org/MGASA-2017-0013.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2017-0013

Related

Published

2017-01-09T20:29:57Z

Modified

2017-01-09T20:16:18Z

Summary

Updated nvidia304 and nvidia340 packages fix security vulnerabilities

Details

This proprietary nvidia340 and nvidia304 driver update fixes the following security issues:

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvidia.ko) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges (CVE-2016-7382).

NVIDIA GPU Display Driver on Linux contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges (CVE-2016-7389).

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvidia.ko) where a user can cause a GPU interrupt storm, leading to a denial of service (CVE-2016-8826).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / nvidia304

Package

Name: nvidia304
Purl: pkg:rpm/mageia/nvidia304?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

304.134-1.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / nvidia340

Package

Name: nvidia340
Purl: pkg:rpm/mageia/nvidia340?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

340.101-1.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}