{"id":"MGASA-2015-0005","summary":"Updated nvidia packages fix security vulnerabilities","details":"Updated nvidia304 and nvidia-current drivers fixes security issues:\n\nThe NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before\nR331.113, R340.x before R340.65, R343.x before R343.36, and R346.x\nbefore R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome\nOS driver before R40 allows remote attackers to cause a denial of\nservice (segmentation fault and X server crash) or possibly execute\narbitrary code via a crafted GLX indirect rendering protocol request\n(CVE-2014-8093, CVE-2014-8098, CVE-2014-8298).\n\nNote, the nvidia173 173.14.39 driver in Mageia 4 is also vulnerable\nto this issue, but as it has reached EOL upstream it wont get any\nfixes for this.\n\nFor nvidia-cuda-toolkit, it's safe to use with the fixed nvidia304\nand nvidia-current drivers released as part of this update.\n","modified":"2026-01-30T09:25:40.298473Z","published":"2015-01-07T15:14:58Z","related":["CVE-2014-8093","CVE-2014-8098","CVE-2014-8298"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0005.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14787"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14767"},{"type":"REPORT","url":"http://lwn.net/Vulnerabilities/625511/"},{"type":"REPORT","url":"http://www.ubuntu.com/usn/usn-2438-1/"}],"affected":[{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"331.113-1.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0005.json"}},{"package":{"name":"nvidia-current","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/nvidia-current?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"331.113-1.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0005.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.125-1.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0005.json"}},{"package":{"name":"nvidia304","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/nvidia304?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.125-1.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0005.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}