aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authordanfe <danfe@FreeBSD.org>2017-05-23 17:18:04 +0800
committerdanfe <danfe@FreeBSD.org>2017-05-23 17:18:04 +0800
commit9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6 (patch)
tree84d7fc43cf537475754beab747993e4ac523974c /security
parent2fbb58df16c1d4298b18a3082ea484279f027daa (diff)
downloadfreebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.tar.gz
freebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.tar.zst
freebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.zip
Document another round of multiple vulnerabilities found in the kernel
mode layer handler of nVidia GPU display driver. Security: CVE-2017-0350, CVE-2017-0351, CVE-2017-0352 PR: 219465 Submitted by: Andrew Marks
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml32
1 files changed, 32 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 204faec8c942..21ccc424551b 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,38 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21">
+ <topic>NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler</topic>
+ <affects>
+ <package>
+ <name>nvidia-driver</name>
+ <range><lt>375.66</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>NVIDIA Unix security team reports:</p>
+ <blockquote cite="http://nvidia.custhelp.com/app/answers/detail/a_id/4462">
+ <p>NVIDIA GPU Display Driver contains vulnerabilities in the
+ kernel mode layer handler where not correctly validated user
+ input, NULL pointer dereference, and incorrect access control
+ may lead to denial of service or potential escalation of
+ privileges.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2017-0350</cvename>
+ <cvename>CVE-2017-0351</cvename>
+ <cvename>CVE-2017-0352</cvename>
+ <url>http://nvidia.custhelp.com/app/answers/detail/a_id/4462</url>
+ </references>
+ <dates>
+ <discovery>2017-05-15</discovery>
+ <entry>2017-05-23</entry>
+ </dates>
+ </vuln>
+
<vuln vid="da1d5d2e-3eca-11e7-8861-0018fe623f2b">
<topic>miniupnpc -- integer signedness error</topic>
<affects>