Package name
Advisory ID
Affected versions
2007.0 x86_64 , 2007.0 i586

Problem description

A vulnerability in the NVIDIA Xorg driver was discovered by Derek
Abdine who found that it did not correctly verify the size of buffers
used to render text glyphs, resulting in a crash of the server when
displaying very long strings of text. If a user was tricked into
viewing a specially crafted series of glyphs, this flaw could be
exploited to run arbitrary code with root privileges.

This vulnerability exists in driver versions 1.0-8762 and 1.0-8774 and
is corrected in 1.0-8776 which is being provided with this update.

The packages can be found in the non-free/updates media.

Updated packages

2007.0 x86_64

 03b3098b8f73457af6045dc5d9cf1cc7  2007.0/x86_64/dkms-nvidia-8776-1mdv2007.0.x86_64.rpm
 7549687671abb40f1cffc85d73699c68  2007.0/x86_64/nvidia-8776-1mdv2007.0.x86_64.rpm
 3a7d4c53a90033c1ab029f285abf39e5  2007.0/x86_64/nvidia-kernel-2.6.17-5mdv-8776-1mdk.x86_64.rpm

2007.0 i586

 3003991cb905b6b320ceabe32cc7a983  2007.0/i586/dkms-nvidia-8776-1mdv2007.0.i586.rpm
 2c519b24d141713c423ef9d10c6287de  2007.0/i586/nvidia-8776-1mdv2007.0.i586.rpm
 69eff61846795f6a849e2fdd5eb3a2f9  2007.0/i586/nvidia-kernel-2.6.17-5mdv-8776-1mdk.i586.rpm
 5a3c611e53ec9d636c3d191e64bc7447  2007.0/i586/nvidia-kernel-2.6.17-5mdventerprise-8776-1mdk.i586.rpm
 82ac29835942c5de7a3b0d72c5212b8d  2007.0/i586/nvidia-kernel-2.6.17-5mdvlegacy-8776-1mdk.i586.rpm