*Serious* security problem with nVidia binary driver
Lonni J Friedman
netllama at gmail.com
Mon Oct 16 22:05:52 UTC 2006
On 10/16/06, Andy Green <andy at warmcat.com> wrote:
> Lonni J Friedman wrote:
>
> > This bug was fixed in NVIDIA's 1.0-9625 driver release (last month):
> > http://www.nzone.com/object/nzone_downloads_rel70betadriver.html
>
> This isn't what the advisory says:
>
> Published: Oct 16, 2006
> Revision: 1.0
> http://www.rapid7.com/advisories/R7-0025.jsp
> ...
> KNOWN FIXED:
> o None
> ...
> As of the publication date, the latest NVIDIA binary driver is still
> vulnerable.
>
> Maybe they discount the version you linked to because it calls itself a
> beta.
I just verified that their exploit works in 1.0-8774 and doesn't work
in 1.0-9625. Also, there's a 1.0-9626 driver out which isn't a beta
(that was released last week).
More information about the fedora-list
mailing list