NVIDIA Blob Has Security Hole, Again
Another security problem has crept up with NVIDIA's binary blob display driver for their GeForce and Quadro graphics cards. When the NVIDIA Linux display driver is installed with Gentoo Linux, poor file permissions are used with /dev/nvidia*, which could result in compromised software or even damage to your NVIDIA hardware. The latest NVIDIA Linux display driver (100.14.11) is not affected but v100.14.09 does contain the potential problem. You may recall last year that the NVIDIA Linux driver had another security exploit that could allow attackers to execute code locally or remotely with root access. That problem was around since 2004 but was fixed in the 1.0-9XXX driver series.
5 Comments