MGASA-2012-0125
| Date: | June 27th, 2012 |
| Affected releases: | 1 |
Description:
A security vulnerability has been found in the NVIDIA proprietary driver
which allows any process to reconfigure the GPU and gain access to
arbitrary system memory (CVE-2012-0946). This vulnerability has been
classified as high risk by NVIDIA.
This update for the nvidia-current driver addresses the issue.
The CUDA debugger (cuda-gdb) of the NVIDIA CUDA Toolkit will stop
functioning after this update. If you need to use the CUDA debugger,
you are suggested to install the 295.40 version of the NVIDIA proprietary
driver by following the instructions at:
https://bugs.mageia.org/show_bug.cgi?id=5392#c1.
If you do not use the CUDA debugger, no action is necessary beyond
installing this security update (275.09.07-1.1.mga1).
For users that need to use the CUDA debugger (cuda-gdb) see
https://bugs.mageia.org/show_bug.cgi?id=5393#c1
Updated Packages:
dkms-nvidia-current-275.09.07-1.1.mga1
nvidia-current-cuda-opencl-275.09.07-1.1.mga1
nvidia-current-devel-275.09.07-1.1.mga1
nvidia-current-doc-html-275.09.07-1.1.mga1
x11-driver-video-nvidia-current-275.09.07-1.1.mga1
References:
http://nvidia.custhelp.com/app/answers/detail/a_id/3109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0946
https://bugs.mageia.org/show_bug.cgi?id=5393
