[USN-3662-1] NVIDIA graphics drivers vulnerabilities


This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
–===============8022740594209890730==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol=”application/pgp-signature”;
boundary=”Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5″

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
–Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5
Content-Type: multipart/mixed; boundary=”Vrctw10Cyj0QJg23K8izWrJklxnJsOARf”;
protected-headers=”v1″
From: Marc Deslauriers
Reply-To: Ubuntu Security
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID:
Subject: [USN-3662-1] NVIDIA graphics drivers vulnerabilities

–Vrctw10Cyj0QJg23K8izWrJklxnJsOARf
Content-Type: text/plain; charset=utf-8
Content-Language: en-CA
Content-Transfer-Encoding: quoted-printable

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-3662-1
May 29, 2018

nvidia-graphics-drivers-384 vulnerabilities
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

NVIDIA graphics drivers could be made to crash or run programs as an
administrator.

Software Description:
– nvidia-graphics-drivers-384: NVIDIA binary X.Org driver

Details:

It was discovered that the NVIDIA graphics drivers contained flaws in the=

kernel mode layer. A local attacker could use these issues to cause a
denial of service or potentially escalate their privileges on the system.=

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
nvidia-384 384.130-0ubuntu0.17.10.1

Ubuntu 16.04 LTS:
nvidia-384 384.130-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
nvidia-384 384.130-0ubuntu0.14.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3662-1
CVE-2018-6249, CVE-2018-6253

Package Information:

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-=
0ubuntu0.17.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-=
0ubuntu0.16.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/384.130-=
0ubuntu0.14.04.1

–Vrctw10Cyj0QJg23K8izWrJklxnJsOARf–

–Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5
Content-Type: application/pgp-signature; name=”signature.asc”
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename=”signature.asc”

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlsNq1cACgkQZWnYVadE
vpNHGA//WwmVdQCzM2ACQutQaxrFHvvYgLRq+aTiG7a65VPbAk1ee9hhbJIfb4GM
0gQixm2uBnM9ZieOiehO0+Y3sHCQOHBWzaZcQK/ErZTPgg3UTiqBJ+9P/JWrTp5p
/ZYzheuCS5rnZyFgvunTixAlWq+MBFHmOzAi0uKV39PbGuw6k1pj6FHtqf9Zeaea
IKU4IPDNsna6pLezcvWutXmHlKw5Ts55Dms5ydC2r/RDopD7updi/i0jouldfYPX
UdX30k7QEpC43wyXwuBc8fEafudgOgq44JzrWD4odB03+6ge1sGmcQYpFiCjR2CN
aErx+nCZadHbS/I5b9m52klmiwB8z9C5bNYvvSvZ98pK5KbgxoeeEp7PxgFDe6HZ
YzVpG3QTm7QqmnSNa9B//FFhpnbFXmAXSYHVt7ToUKVRt8/7qrOyJaDnvDJPBu7w
qnkqAlU0BkGTWBKO8ASO2Fhx1CysToKRNP/wzgy6Fi3+aus5AO2LXgzQ2Tp3XwFn
/pflqDyGb9I54tdkx3UstNX8rfMvbg4wm4TqJ+Wt9z1/i5XTUD6vBXhKHIxaUIcU
I4frSdCB5SIpUHS145yJWQAjhI4jA+7U1OQDmz3QU9LOslJoCLhkfMLnBo1UCIdv
no5rynuCBGRDLwIXxLL00cCokN3ZuSpU5J/CErqlxs1y6zlgXrs=
=rcgQ
—–END PGP SIGNATURE—–

–Ap0h65MSdolpdZUl0AheHuBs0BL3ky0t5–

–===============8022740594209890730==
Content-Type: text/plain; charset=”utf-8″
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

–===============8022740594209890730==–