Updated nvidia driver packages fix security vulnerability
Publication date: 25 Oct 2015Modification date: 25 Oct 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5950
Description
A vulnerability has been found in the nvidia proprietary driver that could be used to allow a local, non-privileged user to corrupt kernel memory. This could be used to gain local root privileges. A local user can issue a specially crafted IOCTL to write a 32-bit integer value stored in the kernel driver to a user-specified memory location, potentially in the kernel address space. The user has a limited ability to influence the value of the integer that is written. (CVE-2015-5950)
References
SRPMS
5/nonfree
- kmod-nvidia304-304.128-1.mga5.nonfree
- nvidia304-304.128-1.mga5.nonfree
- kmod-nvidia340-340.93-1.mga5.nonfree
- nvidia340-340.93-1.mga5.nonfree
- kmod-nvidia-current-346.96-1.mga5.nonfree
- nvidia-current-346.96-1.mga5.nonfree
5/core
- ldetect-lst-0.1.346.1-1.mga5