NVIDIA driver flaw allows remote compromise

A vulnerability in NVIDIA’s X driver allows machines that view a malformed web page to execute arbitrary code at root privileges. The vulnerability can be also executed locally but the more interesting part is that it can be easily exploited remotely.

In addition, it appears that the open source drivers are immune to this, while the binary formed drivers are not, making this vulnerability a good example why open source drivers are more secure :P

You can find out more information about this vulnerability, in addition to a proof of concept at: NVIDIA Binary Graphics Driver for Linux Buffer Overflow

  • rebeljoe

    Patch this mofo now! Cant believe I’ve been sitting vulnerable since 2004 when it could’ve been fixed..

  • ATI sux

    ZERT should fix this!