MDKSA-2007:007
- Package name
- nvidia
- Date
- 2007-01-10
- Advisory ID
- MDKSA-2007:007
- Affected versions
- 2007.0 x86_64 , 2007.0 i586
Problem description
A vulnerability in the NVIDIA Xorg driver was discovered by Derek
Abdine who found that it did not correctly verify the size of buffers
used to render text glyphs, resulting in a crash of the server when
displaying very long strings of text. If a user was tricked into
viewing a specially crafted series of glyphs, this flaw could be
exploited to run arbitrary code with root privileges.
This vulnerability exists in driver versions 1.0-8762 and 1.0-8774 and
is corrected in 1.0-8776 which is being provided with this update.
The packages can be found in the non-free/updates media.
Updated packages
2007.0 x86_64
03b3098b8f73457af6045dc5d9cf1cc7 2007.0/x86_64/dkms-nvidia-8776-1mdv2007.0.x86_64.rpm 7549687671abb40f1cffc85d73699c68 2007.0/x86_64/nvidia-8776-1mdv2007.0.x86_64.rpm 3a7d4c53a90033c1ab029f285abf39e5 2007.0/x86_64/nvidia-kernel-2.6.17-5mdv-8776-1mdk.x86_64.rpm
2007.0 i586
3003991cb905b6b320ceabe32cc7a983 2007.0/i586/dkms-nvidia-8776-1mdv2007.0.i586.rpm 2c519b24d141713c423ef9d10c6287de 2007.0/i586/nvidia-8776-1mdv2007.0.i586.rpm 69eff61846795f6a849e2fdd5eb3a2f9 2007.0/i586/nvidia-kernel-2.6.17-5mdv-8776-1mdk.i586.rpm 5a3c611e53ec9d636c3d191e64bc7447 2007.0/i586/nvidia-kernel-2.6.17-5mdventerprise-8776-1mdk.i586.rpm 82ac29835942c5de7a3b0d72c5212b8d 2007.0/i586/nvidia-kernel-2.6.17-5mdvlegacy-8776-1mdk.i586.rpm