svn commit: r441511 - head/security/vuxml
Alexey Dokuchaev
danfe at FreeBSD.org
Tue May 23 09:18:06 UTC 2017
Author: danfe
Date: Tue May 23 09:18:04 2017
New Revision: 441511
URL: https://svnweb.freebsd.org/changeset/ports/441511
Log:
Document another round of multiple vulnerabilities found in the kernel
mode layer handler of nVidia GPU display driver.
Security: CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
PR: 219465
Submitted by: Andrew Marks
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Tue May 23 09:00:35 2017 (r441510)
+++ head/security/vuxml/vuln.xml Tue May 23 09:18:04 2017 (r441511)
@@ -58,6 +58,38 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21">
+ <topic>NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler</topic>
+ <affects>
+ <package>
+ <name>nvidia-driver</name>
+ <range><lt>375.66</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>NVIDIA Unix security team reports:</p>
+ <blockquote cite="http://nvidia.custhelp.com/app/answers/detail/a_id/4462">
+ <p>NVIDIA GPU Display Driver contains vulnerabilities in the
+ kernel mode layer handler where not correctly validated user
+ input, NULL pointer dereference, and incorrect access control
+ may lead to denial of service or potential escalation of
+ privileges.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2017-0350</cvename>
+ <cvename>CVE-2017-0351</cvename>
+ <cvename>CVE-2017-0352</cvename>
+ <url>http://nvidia.custhelp.com/app/answers/detail/a_id/4462</url>
+ </references>
+ <dates>
+ <discovery>2017-05-15</discovery>
+ <entry>2017-05-23</entry>
+ </dates>
+ </vuln>
+
<vuln vid="da1d5d2e-3eca-11e7-8861-0018fe623f2b">
<topic>miniupnpc -- integer signedness error</topic>
<affects>
More information about the svn-ports-all
mailing list