Gentoo FoundationMGASA-2015-0407Updated nvidia driver packages fix security vulnerability
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
A vulnerability has been found in the nvidia proprietary driver that could be used to allow a local, non-privileged user to corrupt kernel memory. This could be used to gain local root privileges. A local user can issue a specially crafted IOCTL to write a 32-bit integer value stored in the kernel driver to a user-specified memory location, potentially in the kernel address space. The user has a limited ability to influence the value of the integer that is written. (CVE-2015-5950)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | ldetect-lst | < 0.1.346.1-1 | ldetect-lst-0.1.346.1-1.mga5 |
| Mageia | 5 | noarch | kmod-nvidia304 | < 304.128-1 | kmod-nvidia304-304.128-1.mga5.nonfree |
| Mageia | 5 | noarch | nvidia304 | < 304.128-1 | nvidia304-304.128-1.mga5.nonfree |
| Mageia | 5 | noarch | kmod-nvidia340 | < 340.93-1 | kmod-nvidia340-340.93-1.mga5.nonfree |
| Mageia | 5 | noarch | nvidia340 | < 340.93-1 | nvidia340-340.93-1.mga5.nonfree |
| Mageia | 5 | noarch | kmod-nvidia-current | < 346.96-1 | kmod-nvidia-current-346.96-1.mga5.nonfree |
| Mageia | 5 | noarch | nvidia-current | < 346.96-1 | nvidia-current-346.96-1.mga5.nonfree |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%