NVIDIA UNIX Driver CVE-2012-0946 Local Privilege Escalation Vulnerability

Bugtraq ID:	52982
Class:	Input Validation Error
CVE:	CVE-2012-0946
Remote:	No
Local:	Yes
Published:	Mar 20 2012 12:00AM
Updated:	Jun 25 2012 07:20AM
Credit:	The vendor reported this issue.
Vulnerable:	Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 NVIDIA Unix Driver 295.39 Gentoo Linux
Not Vulnerable:	NVIDIA Unix Driver 295.40

NVIDIA UNIX Driver CVE-2012-0946 Local Privilege Escalation Vulnerability

NVIDIA UNIX Driver is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to run programs with Local System privileges. Successful exploits will result in the complete compromise of affected computers.

NVIDIA UNIX Driver CVE-2012-0946 Local Privilege Escalation Vulnerability

Currently we are not aware of any exploits. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected]

NVIDIA UNIX Driver CVE-2012-0946 Local Privilege Escalation Vulnerability

Solution:
Vendor updates are available. Please see the references for details.

NVIDIA UNIX Driver CVE-2012-0946 Local Privilege Escalation Vulnerability

References:

• Security vulnerability CVE-2012-0946 in the NVIDIA UNIX driver (NVIDIA)
  
• Unix Driver Homepage (NVIDIA)