diff options
author | danfe <danfe@FreeBSD.org> | 2017-05-23 17:18:04 +0800 |
---|---|---|
committer | danfe <danfe@FreeBSD.org> | 2017-05-23 17:18:04 +0800 |
commit | 9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6 (patch) | |
tree | 84d7fc43cf537475754beab747993e4ac523974c /security | |
parent | 2fbb58df16c1d4298b18a3082ea484279f027daa (diff) | |
download | freebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.tar.gz freebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.tar.zst freebsd-ports-gnome-9c5fda4fdf8a0e7201746ec4eb3a55a8e22c8fa6.zip |
Document another round of multiple vulnerabilities found in the kernel
mode layer handler of nVidia GPU display driver.
Security: CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
PR: 219465
Submitted by: Andrew Marks
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 204faec8c942..21ccc424551b 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,38 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21"> + <topic>NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler</topic> + <affects> + <package> + <name>nvidia-driver</name> + <range><lt>375.66</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>NVIDIA Unix security team reports:</p> + <blockquote cite="http://nvidia.custhelp.com/app/answers/detail/a_id/4462"> + <p>NVIDIA GPU Display Driver contains vulnerabilities in the + kernel mode layer handler where not correctly validated user + input, NULL pointer dereference, and incorrect access control + may lead to denial of service or potential escalation of + privileges.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2017-0350</cvename> + <cvename>CVE-2017-0351</cvename> + <cvename>CVE-2017-0352</cvename> + <url>http://nvidia.custhelp.com/app/answers/detail/a_id/4462</url> + </references> + <dates> + <discovery>2017-05-15</discovery> + <entry>2017-05-23</entry> + </dates> + </vuln> + <vuln vid="da1d5d2e-3eca-11e7-8861-0018fe623f2b"> <topic>miniupnpc -- integer signedness error</topic> <affects> |