Root Exploit For NVIDIA Closed-Source Linux Driver

← Back to Stories (view on slashdot.org)

Root Exploit For NVIDIA Closed-Source Linux Driver

Posted by ryuzaki0 on Monday October 16, 2006 @09:18AM from the dangerous-blobs dept.

possible writes, "KernelTrap is reporting that the security research firm Rapid7 has published a working root exploit for a buffer overflow in NVIDIA's binary blob graphics driver for Linux. The NVIDIA drivers for FreeBSD and Solaris are also likely vulnerable. This will no doubt fuel the debate about whether binary blob drivers should be allowed in Linux." Rapid7's suggested action to mitigate this vulnerability: "Disable the binary blob driver and use the open-source 'nv' driver that is included by default with X."

10 of 548 comments (clear)

Re:useless suggestion by Anonymous Coward · 2006-10-16 09:22 · Score: 5, Funny

stfu. Say first post next time like normal people.
Linux root Exploit by Anonymous Coward · 2006-10-16 09:23 · Score: 0, Funny

This is why windows is better. You'll never see a root exploit on a windows machine. We don't try to hide our exploits behind some high level encrpypted account. Leave the holes in the open and they will thing they are a trap. Thats my motto
Re:To Theo de Raadt by Anonymous Coward · 2006-10-16 09:36 · Score: 1, Funny

Okay, that was more information than we needed.
Re:useless suggestion by Anonymous Coward · 2006-10-16 09:43 · Score: 3, Funny

Ironically, the mach64 driver is not built by default because it also has security issues
This is an obvious fraud by drinkypoo · 2006-10-16 09:46 · Score: 3, Funny

Theo LOVES to say "I told you so"

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Re:better suggestion by Psykechan · 2006-10-16 09:47 · Score: 4, Funny

Do you have a better suggestion?

Well duh! Our only course of action is to bitch about it on /.

Of course this now gives me some ammo against the Linux+nVidia fans I personally know. As Nelson Muntz would say: "Ha ha".
neighbors watch out by wes33 · 2006-10-16 09:54 · Score: 4, Funny

Hey ... my neighbor runs linux with an nvidia card. And he was showing me some fancy 3d stuff that my xp can't do. So I can hardly wait to turn the tables and take over his system. So what is step 1 ...

Oh, I see, first I have to break into his house :(
Re:This is a relatively minor problem by archen · 2006-10-16 11:03 · Score: 2, Funny

Intel

(Too bad they don't make boards for the AMD processors ;-)
nVidia Programmers by NullProg · 2006-10-16 13:54 · Score: 3, Funny

Ignoring the argument of Binary vs OSS drivers for a minute.

The root of this problem is 'C'. The nVidia programmers have way too much power. Buffer overruns, string comparisons, memory access, pointer arithmetic. These features need to be banned from modern computing.

Just last week over prune juice, I was telling Linus, Theo, and Dave Cutler why they should only allow C#/Java/Python based video drivers in their kernels.

Enjoy,

--
It's just the normal noises in here.
Re:useless suggestion by Anonymous Coward · 2006-10-16 17:02 · Score: 1, Funny

Option "NoLogo" "True"