cnvd-2016-10933
Vulnerability from cnvd

Title: 多款NVIDIA产品本地权限提升漏洞

Description:

NVIDIA Quadro、NVS、GeForce和Tesla都是美国英伟达(NVIDIA)公司的产品。Quadro、NVS和GeForce都是显卡产品;Tesla是一款图形处理器。NVIDIA GPU Display Driver是其中的一个图形处理器(GPU)显卡驱动程序。

NVIDIA Quadro、NVS、GeForce及Tesla产品中的NVIDIA GPU Display Driver存在安全漏洞,该漏洞源于程序没有正确验证输入数据。攻击者可利用该漏洞获取物理内存的访问权限。

Severity:

Patch Name: 多款NVIDIA产品本地权限提升漏洞的补丁

Patch Description:

NVIDIA Quadro、NVS、GeForce和Tesla都是美国英伟达(NVIDIA)公司的产品。Quadro、NVS和GeForce都是显卡产品;Tesla是一款图形处理器。NVIDIA GPU Display Driver是其中的一个图形处理器(GPU)显卡驱动程序。

NVIDIA Quadro、NVS、GeForce及Tesla产品中的NVIDIA GPU Display Driver存在安全漏洞,该漏洞源于程序没有正确验证输入数据。攻击者可利用该漏洞获取物理内存的访问权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://nvidia.custhelp.com/app/answers/detail/a_id/4246

Reference: http://www.securityfocus.com/bid/94177 http://nvidia.custhelp.com/app/answers/detail/a_id/4246

Impacted products
Name
['NVIDIA GeForce R304', 'NVIDIA GeForce R370', 'NVIDIA GeForce R340 0', 'NVIDIA GeForce R367 0', 'NVIDIA Quadro NVS R304', 'NVIDIA Quadro NVS R367', 'NVIDIA Quadro NVS R370', 'NVIDIA Tesla R367', 'NVIDIA Tesla P100 R361_93']
Show details on source website

To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "94177"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-7389"
    }
  },
  "description": "NVIDIA Quadro\u3001NVS\u3001GeForce\u548cTesla\u90fd\u662f\u7f8e\u56fd\u82f1\u4f1f\u8fbe\uff08NVIDIA\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Quadro\u3001NVS\u548cGeForce\u90fd\u662f\u663e\u5361\u4ea7\u54c1\uff1bTesla\u662f\u4e00\u6b3e\u56fe\u5f62\u5904\u7406\u5668\u3002NVIDIA GPU Display Driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u56fe\u5f62\u5904\u7406\u5668(GPU)\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nNVIDIA Quadro\u3001NVS\u3001GeForce\u53caTesla\u4ea7\u54c1\u4e2d\u7684NVIDIA GPU Display Driver\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u9a8c\u8bc1\u8f93\u5165\u6570\u636e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7269\u7406\u5185\u5b58\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "NVIDIA",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://nvidia.custhelp.com/app/answers/detail/a_id/4246",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10933",
  "openTime": "2016-11-11",
  "patchDescription": "NVIDIA Quadro\u3001NVS\u3001GeForce\u548cTesla\u90fd\u662f\u7f8e\u56fd\u82f1\u4f1f\u8fbe\uff08NVIDIA\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Quadro\u3001NVS\u548cGeForce\u90fd\u662f\u663e\u5361\u4ea7\u54c1\uff1bTesla\u662f\u4e00\u6b3e\u56fe\u5f62\u5904\u7406\u5668\u3002NVIDIA GPU Display Driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u56fe\u5f62\u5904\u7406\u5668(GPU)\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nNVIDIA Quadro\u3001NVS\u3001GeForce\u53caTesla\u4ea7\u54c1\u4e2d\u7684NVIDIA GPU Display Driver\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u6b63\u786e\u9a8c\u8bc1\u8f93\u5165\u6570\u636e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7269\u7406\u5185\u5b58\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eNVIDIA\u4ea7\u54c1\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "NVIDIA GeForce R304",
      "NVIDIA GeForce R370",
      "NVIDIA GeForce R340 0",
      "NVIDIA GeForce R367 0",
      "NVIDIA Quadro NVS R304",
      "NVIDIA Quadro NVS R367",
      "NVIDIA Quadro NVS R370",
      "NVIDIA Tesla R367",
      "NVIDIA Tesla P100 R361_93"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/94177\r\nhttp://nvidia.custhelp.com/app/answers/detail/a_id/4246",
  "serverity": "\u4e2d",
  "submitTime": "2016-11-10",
  "title": "\u591a\u6b3eNVIDIA\u4ea7\u54c1\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.