cnvd - cnvd-2015-07805

cnvd-2015-07805

Vulnerability from cnvd

Title: 多款NVIDIA GPU显卡驱动获取权限漏洞

Description:

NVIDIA GPU graphics driver R346和R352 for Linux和R352 for GRID vGPU and vSGA都是美国英伟达（NVIDIA）公司的图形处理器(GPU)驱动程序。

多款NVIDIA GPU显卡驱动的host memory mapping path功能中存在安全漏洞，该漏洞源于程序未能正确限制访问第三方的IO内存。攻击者可借助follow_pfn kernel-mode API利用该漏洞获取权限，造成拒绝服务（资源消耗）。

Severity: 高

Patch Name: 多款NVIDIA GPU显卡驱动获取权限漏洞的补丁

Patch Description:

NVIDIA GPU graphics driver R346和R352 for Linux和R352 for GRID vGPU and vSGA都是美国英伟达（NVIDIA）公司的图形处理器(GPU)驱动程序。多款NVIDIA GPU显卡驱动的host memory mapping path功能中存在安全漏洞，该漏洞源于程序未能正确限制访问第三方的IO内存。攻击者可借助follow_pfn kernel-mode API利用该漏洞获取权限，造成拒绝服务（资源消耗）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://nvidia.custhelp.com/app/answers/detail/a_id/3802

Reference: http://nvidia.custhelp.com/app/answers/detail/a_id/3802

Impacted products

Name
['NVIDIA GPU graphics driver R346 for Linux <346.87', 'NVIDIA NVIDIA GPU graphics driver R352 for Linux <352.41', 'NVIDIA NVIDIA GPU graphics driver R352 for GRID vGPU/vSGA <352.46']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-5053"
    }
  },
  "description": "NVIDIA GPU graphics driver R346\u548cR352 for Linux\u548cR352 for GRID vGPU and vSGA\u90fd\u662f\u7f8e\u56fd\u82f1\u4f1f\u8fbe\uff08NVIDIA\uff09\u516c\u53f8\u7684\u56fe\u5f62\u5904\u7406\u5668(GPU)\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\n\u591a\u6b3eNVIDIA GPU\u663e\u5361\u9a71\u52a8\u7684host memory mapping path\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9650\u5236\u8bbf\u95ee\u7b2c\u4e09\u65b9\u7684IO\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9follow_pfn kernel-mode API\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u6d88\u8017\uff09\u3002",
  "discovererName": "NVIDIA",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://nvidia.custhelp.com/app/answers/detail/a_id/3802",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07805",
  "openTime": "2015-11-27",
  "patchDescription": "NVIDIA GPU graphics driver R346\u548cR352 for Linux\u548cR352 for GRID vGPU and vSGA\u90fd\u662f\u7f8e\u56fd\u82f1\u4f1f\u8fbe\uff08NVIDIA\uff09\u516c\u53f8\u7684\u56fe\u5f62\u5904\u7406\u5668(GPU)\u9a71\u52a8\u7a0b\u5e8f\u3002\u591a\u6b3eNVIDIA GPU\u663e\u5361\u9a71\u52a8\u7684host memory mapping path\u529f\u80fd\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9650\u5236\u8bbf\u95ee\u7b2c\u4e09\u65b9\u7684IO\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9follow_pfn kernel-mode API\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u6d88\u8017\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eNVIDIA GPU\u663e\u5361\u9a71\u52a8\u83b7\u53d6\u6743\u9650\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "NVIDIA GPU graphics driver R346 for Linux \u003c346.87",
      "NVIDIA NVIDIA GPU graphics driver R352 for Linux \u003c352.41",
      "NVIDIA NVIDIA GPU graphics driver R352 for GRID vGPU/vSGA \u003c352.46"
    ]
  },
  "referenceLink": "http://nvidia.custhelp.com/app/answers/detail/a_id/3802",
  "serverity": "\u9ad8",
  "submitTime": "2015-11-26",
  "title": "\u591a\u6b3eNVIDIA GPU\u663e\u5361\u9a71\u52a8\u83b7\u53d6\u6743\u9650\u6f0f\u6d1e"
}

CVE-2015-5053 (GCVE-0-2015-5053)

Vulnerability from cvelistv5

Published

2015-11-24 20:00

Modified

2024-08-06 06:32

Severity ?

CWE

Summary

The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.

References

▼	URL	Tags
	http://nvidia.custhelp.com/app/answers/detail/a_id/3802	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:32.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3802"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-11-24T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3802"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3802",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3802"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5053",
    "datePublished": "2015-11-24T20:00:00",
    "dateReserved": "2015-06-24T00:00:00",
    "dateUpdated": "2024-08-06T06:32:32.674Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted