CVE-2013-0131
Published: 3 April 2013
Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream advisory says vulnerability is present since 195.22 fixed in 304.88, 310.44, 313.30 We aren't going to fix the experimental drivers. Users of the experimental drivers for who this issue is important are recommended to switch to production drivers. Doesn't actually affected nvidia-settings and nvidia-settings-updates. Updates are simply required for compatibility reasons. |
| jdstrand | no updates from NVIDIA for 195.36 (Ubuntu 10.04 LTS), 280.13 and 295.20 (Ubuntu 11.10) as of 2013-04-19 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
nvidia-graphics-drivers Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Ignored
(end of life)
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Released
(304.88-0ubuntu0.0.2)
|
|
| quantal |
Released
(304.88-0ubuntu0.1)
|
|
| raring |
Does not exist
|
|
| upstream |
Released
(304.88-1)
|
|
|
nvidia-graphics-drivers-304 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Not vulnerable
(304.88-0ubuntu0.0.3)
|
|
| quantal |
Does not exist
|
|
| raring |
Released
(304.88-0ubuntu1)
|
|
| upstream |
Released
(304.88)
|
|
|
nvidia-graphics-drivers-304-updates Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Not vulnerable
(304.88-0ubuntu0.0.3)
|
|
| quantal |
Does not exist
|
|
| raring |
Released
(304.88-0ubuntu1)
|
|
| upstream |
Released
(304.88)
|
|
|
nvidia-graphics-drivers-310 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Released
(310.44-0ubuntu1)
|
|
| upstream |
Released
(310.44)
|
|
|
nvidia-graphics-drivers-310-updates Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Released
(310.44-0ubuntu1)
|
|
| upstream |
Released
(310.44)
|
|
|
nvidia-graphics-drivers-313-updates Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Released
(313.30-0ubuntu1)
|
|
| upstream |
Released
(313.30)
|
|
|
nvidia-graphics-drivers-experimental-304 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Ignored
|
|
| quantal |
Ignored
|
|
| raring |
Does not exist
|
|
| upstream |
Released
(304.88)
|
|
|
nvidia-graphics-drivers-experimental-310 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Ignored
|
|
| quantal |
Ignored
|
|
| raring |
Does not exist
|
|
| upstream |
Released
(310.44)
|
|
|
nvidia-graphics-drivers-updates Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Released
(304.88-0ubuntu0.0.1)
|
|
| quantal |
Released
(304.88-0ubuntu0.1)
|
|
| raring |
Does not exist
|
|
| upstream |
Released
(304.88)
|
|
|
nvidia-settings Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
| lucid |
Not vulnerable
|
|
| oneiric |
Not vulnerable
|
|
| precise |
Not vulnerable
|
|
| quantal |
Not vulnerable
|
|
| raring |
Not vulnerable
|
|
| upstream |
Not vulnerable
|
|
|
nvidia-settings-updates Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Not vulnerable
|
|
| precise |
Not vulnerable
|
|
| quantal |
Not vulnerable
|
|
| raring |
Not vulnerable
|
|
| upstream |
Not vulnerable
|