Rapid7 Vulnerability & Exploit Database

USN-2438-1: NVIDIA graphics drivers vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-2438-1: NVIDIA graphics drivers vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

12/10/2014

Created

07/25/2018

Added

12/11/2014

Modified

07/09/2020

Description

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.

Solution(s)

ubuntu-upgrade-nvidia-304
ubuntu-upgrade-nvidia-304-updates
ubuntu-upgrade-nvidia-331
ubuntu-upgrade-nvidia-331-updates

References

https://attackerkb.com/topics/cve-2014-8091
CVE - 2014-8091
CVE - 2014-8098
CVE - 2014-8298
DSA-3095
USN-2438-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;