FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-18 21:55:04 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fdf72a0e-8371-11e4-bc20-001636d274f3NVIDIA UNIX driver -- remote denial of service or arbitrary code execution

NVIDIA Unix security team reports:

The GLX indirect rendering support supplied on NVIDIA products is subject to the recently disclosed X.Org vulnerabilities (CVE-2014-8093, CVE-2014-8098) as well as internally identified vulnerabilities (CVE-2014-8298).

Depending on how it is configured, the X server typically runs with raised privileges, and listens for GLX indirect rendering protocol requests from a local socket and potentially a TCP/IP port. The vulnerabilities could be exploited in a way that causes the X server to access uninitialized memory or overwrite arbitrary memory in the X server process. This can cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution.


Discovery 2014-12-03
Entry 2014-12-14
nvidia-driver
< 340.65

nvidia-driver-304
< 304.125

nvidia-driver-173
le 173.14.35_3

nvidia-driver-96
le 96.43.23_2

nvidia-driver-71
le 71.86.15_4

CVE-2014-8298
CVE-2014-8093
CVE-2014-8098