Ubuntu 3122-1: NVIDIA graphics drivers vulnerabilities

=========================================================================Ubuntu Security Notice USN-3122-1
November 03, 2016

nvidia-graphics-drivers-304, nvidia-graphics-drivers-340,
nvidia-graphics-drivers-367 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

NVIDIA graphics drivers could be made to run programs as an administrator.

Software Description:
- nvidia-graphics-drivers-304: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-340: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-367: NVIDIA binary X.Org driver

Details:

It was discovered that the NVIDIA graphics drivers incorrectly sanitized
user mode inputs. A local attacker could use this issue to possibly gain
root privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  nvidia-304                      304.132-0ubuntu0.16.04.2
  nvidia-304-updates              304.132-0ubuntu0.16.04.2
  nvidia-331                      340.98-0ubuntu0.16.04.1
  nvidia-331-updates              340.98-0ubuntu0.16.04.1
  nvidia-340                      340.98-0ubuntu0.16.04.1
  nvidia-340-updates              340.98-0ubuntu0.16.04.1
  nvidia-361                      367.57-0ubuntu0.16.04.1
  nvidia-367                      367.57-0ubuntu0.16.04.1
  nvidia-current                  304.132-0ubuntu0.16.04.2

Ubuntu 14.04 LTS:
  nvidia-304                      304.132-0ubuntu0.14.04.2
  nvidia-304-updates              304.132-0ubuntu0.14.04.2
  nvidia-331                      340.98-0ubuntu0.14.04.1
  nvidia-331-updates              340.98-0ubuntu0.14.04.1
  nvidia-340                      340.98-0ubuntu0.14.04.1
  nvidia-340-updates              340.98-0ubuntu0.14.04.1
  nvidia-352                      367.57-0ubuntu0.14.04.1
  nvidia-352-updates              367.57-0ubuntu0.14.04.1
  nvidia-367                      367.57-0ubuntu0.14.04.1
  nvidia-current                  304.132-0ubuntu0.14.04.2

Ubuntu 12.04 LTS:
  nvidia-304                      304.132-0ubuntu0.12.04.1
  nvidia-304-updates              304.132-0ubuntu0.12.04.1
  nvidia-331                      340.98-0ubuntu0.12.04.1
  nvidia-331-updates              340.98-0ubuntu0.12.04.1
  nvidia-340                      340.98-0ubuntu0.12.04.1
  nvidia-340-updates              340.98-0ubuntu0.12.04.1
  nvidia-current                  304.132-0ubuntu0.12.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3122-1
  CVE-2016-7382, CVE-2016-7389

Package Information:

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.16.04.2

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.16.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.16.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.14.04.2

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-367/367.57-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.132-0ubuntu0.12.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.98-0ubuntu0.12.04.1
Ubuntu 3122-1: NVIDIA graphics drivers vulnerabilities

Summary

Update Instructions

References

Package Information

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
