NVIDIA Binary Graphics Driver Root Exploit

A security advisory was released today which warns about a severe security issue in the binary-only NVIDIA drivers:

The NVIDIA Binary Graphics Driver for Linux is vulnerable to a
buffer overflow that allows an attacker to run arbitrary code as
root. This bug can be exploited both locally or remotely (via
a remote X client or an X client which visits a malicious web page).
A working proof-of-concept root exploit is included with this
advisory.

The only possible solution (as NVIDIA still hasn't fixed the issue, although they have known about it since 2004):

Disable the binary blob driver and use the open-source "nv" driver that is included by default with X.

Yes, you won't have 3D acceleration any more if you do that. Yes, that sucks. Complain to NVIDIA that they don't provide documentation so that free drivers can be written.
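To confirm which driver an X configuration actually selects before and after that change, here is an added example (not part of the advisory or the original post) that lists the Driver of every Device section and flags the binary one. The function names are hypothetical and both sample configurations are constructed.

```shell
# Reads an xorg.conf (file argument or stdin) and prints
# "identifier<TAB>driver" for every Device section.
xorg_device_drivers() {
    awk '
        { sub(/#.*/, "") }   # drop comments so a commented-out Driver line is ignored
        tolower($1) == "section" {
            in_dev = (tolower($2) == "\"device\"")
            id = "(unnamed)"; drv = "(none)"
            next
        }
        tolower($1) == "endsection" {
            if (in_dev) printf "%s\t%s\n", id, drv
            in_dev = 0
            next
        }
        in_dev && match($0, /"[^"]*"/) {
            val = substr($0, RSTART + 1, RLENGTH - 2)   # first quoted value on the line
            if (tolower($1) == "identifier") id = val
            if (tolower($1) == "driver") drv = val
        }
    ' "$@"
}

# Exit status 0 if any Device section selects the binary "nvidia" driver.
uses_binary_nvidia() {
    xorg_device_drivers "$@" | awk -F '\t' '$2 == "nvidia" { found = 1 } END { exit !found }'
}

# Constructed sample: configuration still using the binary driver.
sample_binary() {
cat <<'EOF'
Section "Device"
    Identifier "Card0"
    Driver     "nvidia"   # binary-only driver
EndSection
EOF
}

# Constructed sample: switched to the open-source "nv" driver, old line commented out.
sample_nv() {
cat <<'EOF'
Section "Device"
    Identifier "GeForce Card"
#   Driver     "nvidia"
    Driver     "nv"
EndSection
EOF
}

sample_binary | xorg_device_drivers
sample_nv | uses_binary_nvidia || echo "no Device section selects the binary driver"
```

On a real system, pass the path of the X configuration file as the argument instead of piping in a sample.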

Luckily I stopped using the NVIDIA binary-blob quite a while ago, and I don't intend to ever use it again. This exploit clearly shows me that that's a good decision. For now, I'll have to live with the fact that I must use software-rendering for 3D (which is slow). When I buy my next computer it won't have an NVIDIA card, that's for sure.

But maybe there's hope. Maybe, just maybe, NVIDIA releases proper documentation one day (but don't hold your breath).

Alternatively, I just learned about the nouveau project: a project which aims at producing Open Source 3D drivers for nVidia cards. I don't know what the current status is and whether it's usable already, but this is definitely a project which is worth trying out and worth supporting!

(via Kerneltrap)

Comments


Hopefully this kind of

Hopefully this kind of madness will go away once these graphic cards get out: http://lists.duskglow.com/mailman/listinfo/open-graphics :)

Only NVidia knew?

Rumors of that have been floating around for ages. It seems difficult to believe that only NVidia knew.

What I am wondering is whether the Windows NVidia drivers had the same (or a similar) bug, and whether other hardware drivers for proprietary OSs have similar bugs.

When you have a corporate "desktop standard" it's easy for an attacker to discover exactly what it is if the company is of any reasonable size. Therefore an attacker could discover which buggy drivers are being used and craft exploits accordingly.

For good security the only thing to do is to ban all closed-source software from your network.

ban all closed-source software from your network

Not surprisingly, I fully agree :)

Patch is Available

Lonnie says the latest driver (beta) is available and fixes this.