Security Vulnerability With Graphics Driver for Solaris 10 and Linux on Certain Systems |
|
| Category : | Security |
| Release Phase : | Resolved |
| Product : | Sun Ultra 20 Workstation
Sun Ultra 20 M2 Workstation
Sun Ultra 40 Workstation
|
| Bug Id : | None
|
| Date of Resolved Release : | 02-NOV-2006
|
A Security vulnerability in the Nvidia Graphics driver for Solaris 10 and Linux (both pre-install and CD versions) may allow a local or remote unprivileged user to run arbitrary code as root, due to a buffer overflow.
Additional information describing this issue can be found in the following document:
Security Advisory R7-0025 at http://download2.rapid7.com/r7-0025/
Note: Not all versions of the the Nvidia driver prior to those mentioned in the "Resolution" section of this Sun Alert are vulnerable to this issue. Please see the "Contributing Factors" section below for the affected versions.
Contributing Factors
This issue can occur in the following releases:
x86/x64 Platforms
- Nvidia Graphics Driver (for Solaris 10) versions 1.0-8762 and 1.0-8774
Linux Platform
- Nvidia Graphics Driver versions 1.0-8762 and 1.0-8774
on the following systems:
- Ultra 20, Ultra 20M2
- Ultra 40
Notes:
- The SPARC platform is not affected by this issue, as Nvidia cards are not used on those platforms.
- The Nvidia Graphics Driver is shipped with the Sun hardware mentioned in this section.
- The Ultra 40M2 platform is not affected by this issue, as this system will ship with updated drivers.
To determine the Nvidia driver version on a Solaris or Linux system, the following command can be run:
# grep -i Nvidia /var/log/Xorg.0.log
(--) PCI:*(130:0:0) nVidia Corporation unknown chipset (0x014e)
rev 162, Mem @ 0xd4000000/26, 0xd8000000/27, 0xd1000000/24
(II) Module glx: vendor="NVIDIA Corporation"
(II) LoadModule: "nvidia"
(II) Loading /usr/X11R6/lib64/modules/drivers/nvidia_drv.so
(II) Module nvidia: vendor="NVIDIA Corporation"
(II) NVIDIA dlloader X Driver 1.0-8776 Mon Oct 16 21:55:22 PDT 2006
Note: RHEL3 uses /var/log/XFree86.0.log
Symptoms
There are no predictable symptoms that would indicate the described vulnerability has been exploited.
Workaround
There is no workaround for this issue. Please see the Resolution section below.
Resolution
This issue is addressed in the following releases:
x86/x64 Platforms
- Nvidia Graphics Driver (for Solaris 10) version 1.0-8776
Linux Platform
- Nvidia Graphics Driver version 1.0-8776
The 1.2 "Tools and Drivers" CD for the Ultra 20 M2, the 1.5a Supplemental CD for the Ultra 20, and the 1.4a "Tools and Drivers" CD for the Ultra 40 contain the 1.0-8776 drivers, and can be downloaded from the following sites:
Ultra 20, Ultra 20M2:
http://www.sun.com/desktop/workstation/ultra20/downloads.jsp
Ultra 40:
http://www.sun.com/desktop/workstation/ultra40/downloads.jsp
AttachmentsThis solution has no attachment
Sun Contracted Content
Sun Contracted Feature
