Nvidia driver security update

[toracat]

If you are using the Nvidia driver, please read on.

Nvidia just released an update to the Nvidia Unix driver (version 295.40) that addressed a known security vulnerability (CVE-2012-0946). Please see their announcement for details.

If you have installed the Nvidia driver through ELRepo, updating to the current version is as easy as:

yum --enablerepo=elrepo update kmod-nvidia

and reboot.

See also this ELRepo blog.

[U308]

Thank you toracat.

Only local attacks I think ?

[toracat]

QUOTE (U308 @ Apr 12 2012, 10:26 AM)

Only local attacks I think ?

Yes, I believe so.

[U308]

Coming thick and fast. Now on 295.49.
Not really imperative to continuosly aspire to the latest is it ?
Maybe it would be a good idea to flag those updates that are really essential due
to a security vulnerability (eg. the 295.40 release) and/or some serious incompatibility issue(s)?
Well, of course toracat did flag the vuln. requiring install of 295.40.
So, I will rely on toracat and only install an update if flagged as a 'must do' by toracat.

PS. No pressure, definitely no pressure.

[toracat]

QUOTE (U308 @ May 12 2012, 06:37 AM)

PS. No pressure, definitely no pressure.

Hmmm. you used the word "pressure" twice in one sentence ...

[U308]

Lot's of breathing space.

[U308]

Nvidia vulnerability-new

QUOTE

Linux kernel and X.org developer Dave Airlie has published a program that exploits a vulnerability in NVIDIA's proprietary graphics driver on Linux to give root privileges to an arbitrary user on the system. The program was handed to Airlie anonymously and, he says, it was disclosed to NVIDIA over a month ago. NVIDIA has apparently not responded, so he is publishing it now as requested by the original author.

[tux99]

NVIDIA UNIX graphics driver exploit advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/3140

NVIDIA has released an updated UNIX graphics driver 304.32 which contains the fix.

The 304.32 driver is available for download at the NVIDIA FTP site:

32-bit Linux: ftp://download.nvidia.com/XFree86/Linux-x86/304.32/
64-bit Linux: ftp://download.nvidia.com/XFree86/Linux-x86_64/304.32/

Hopefully Elrepo will have it soon packaged for EL6. No pressure though!

[toracat]

QUOTE (tux99 @ Aug 5 2012, 01:21 AM)

NVIDIA UNIX graphics driver exploit advisory http://nvidia.custhelp.com/app/answers/detail/a_id/3140 Hopefully Elrepo will have it soon packaged for EL6. No pressure though!

Thanks for the heads up. The maintainer has been alerted.

[redman]

I noticed on the Nvidia website that there are too kind of of drivers:

QUOTE

Latest Long Lived Branch version: 295.59 Latest Short Lived Branch version: 302.17

Perhaps I missed it on their main site, but I couldn't find good info on the differences / reasons for two drivers.
If someone can explain it, this would be helpful.

[toracat]

On the Nvidia forum, the maintainer of ELRepo's nvidia driver, Phil Perry, asked about the long-lived branch:

http://www.nvnews.net/vbulletin/showthread.php?t=166308

Phil: "How long will the long-lived branch be supported for?"

AaronP: "Thanks for asking. There's no set schedule for when the current long-lived branch will change, as it depends primarily on new system platform support (e.g., motherboard chipsets) and new GPU architectures. Our goal is to have at most 2 per year. Generally, support for the current long lived branch ends when a new one is available, but we will make exceptions for critical issues."

[redman]

Thanks for your answer.

Unfortunately I wasn't able to make out what the difference is between a "long-lived" driver and a "short-lived" driver.
I assume that it will be more or less the same with Firefox 10 ESR and the regular Firefox releases?
And if so, I should think you want to use the short-lived driver when you want the driver to be up-to-date?

[toracat]

QUOTE (redman @ Aug 6 2012, 10:56 PM)

Unfortunately I wasn't able to make out what the difference is between a "long-lived" driver and a "short-lived" driver. I assume that it will be more or less the same with Firefox 10 ESR and the regular Firefox releases?

Yes, I think your description is correct. Or, "stable" lines of kernels versus mainline kernel.

QUOTE

And if so, I should think you want to use the short-lived driver when you want the driver to be up-to-date?

That depends. The long-lived branch does get bug fixes, so if it works for you, it's probably best sticking with it. The short-lived branch will be a better choice if that provides new features or support newer models you are looking for. But it is a moving target.

[toracat]

QUOTE (toracat @ Aug 5 2012, 04:58 AM)

QUOTE (tux99 @ Aug 5 2012, 01:21 AM) NVIDIA UNIX graphics driver exploit advisory http://nvidia.custhelp.com/app/answers/detail/a_id/3140 Hopefully Elrepo will have it soon packaged for EL6. No pressure though!  Thanks for the heads up. The maintainer has been alerted.

So far, it looks as if the exploit does not work on EL5/6. At least 3 people attempted to run the posted program but either it did not do anything or it crashed the system. But no privilege escalation.

[tux99]

QUOTE (toracat @ Aug 7 2012, 06:20 PM)

So far, it looks as if the exploit does not work on EL5/6. At least 3 people attempted to run the posted program but either it did not do anything or it crashed the system. But no privilege escalation.

Good to know. This is exactly one of the reasons why Linux is inherently more secure than Windows or OSX that I keep mentioning to people. Due to the variety of distros, kernels, desktop environments, etc. it's very hard to find an exploit that works on every single Linux box.

It's a bit like in nature, natural variety of subspecies within species beats monoculture every time when it comes to resistance against pests and viruses.

[toracat]

ELRepo just released updated Nvidia drivers [version 295.71] that fix a security issue (Priv escalation) :

http://lists.elrepo.org/pipermail/elrepo/2012-August/001349.html

This is a LTS (long term support) release that fixes a security issue. Please see:

http://permalink.gmane.org/gmane.comp.security.full-disclosure/86747
http://nvidia.custhelp.com/app/answers/detail/a_id/3140

Note that it is a downgrade if you're running 3xx from the testing repo.