Bug 219465 - x11/nvidia-driver: Multiple Vulnerabilities (CVE-2017-0350, CVE-2017-0351, CVE-2017-0352)
Summary: x11/nvidia-driver: Multiple Vulnerabilities (CVE-2017-0350, CVE-2017-0351, CV...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Many People
Assignee: Alexey Dokuchaev
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-22 22:08 UTC by Andrew Marks
Modified: 2017-05-24 17:04 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (danfe)


Attachments
Bump 375.39 to 375.66 (907 bytes, patch)
2017-05-22 22:08 UTC, Andrew Marks
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Marks 2017-05-22 22:08:21 UTC
Created attachment 182820 [details]
Bump 375.39 to 375.66

Multiple Vulnerabilities affecting 3.7.5.x < .66

http://nvidia.custhelp.com/app/answers/detail/a_id/4462

The attached patch builds and installs on amd64, didn't get a chance to bounce XOrg or kldunload/kldload the driver yet.
Comment 1 Andrew Marks 2017-05-22 22:45:49 UTC
Reloaded nvidia-modeset.ko and nvidia.ko
bounced Xorg

Seems stable on
11.0-RELEASE-p9 on amd64
PCI Device: GF100GL [Quadro 5000]
Comment 2 commit-hook freebsd_committer 2017-05-23 09:18:55 UTC
A commit references this bug:

Author: danfe
Date: Tue May 23 09:18:05 UTC 2017
New revision: 441511
URL: https://svnweb.freebsd.org/changeset/ports/441511

Log:
  Document another round of multiple vulnerabilities found in the kernel
  mode layer handler of nVidia GPU display driver.

  Security:	CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
  PR:		219465
  Submitted by:	Andrew Marks

Changes:
  head/security/vuxml/vuln.xml
Comment 3 commit-hook freebsd_committer 2017-05-24 16:37:46 UTC
A commit references this bug:

Author: danfe
Date: Wed May 24 16:37:37 UTC 2017
New revision: 441608
URL: https://svnweb.freebsd.org/changeset/ports/441608

Log:
  Update `x11/nvidia-driver' to version 375.66, which fixes multiple
  vulnerabilities in the kernel mode layer handler.

  Security:	f52e3a8d-3f7e-11e7-97a9-a0d3c19bfa21
  PR:		219465
  Submitted by:	Andrew Marks

Changes:
  head/x11/nvidia-driver/Makefile
  head/x11/nvidia-driver/distinfo
Comment 4 Alexey Dokuchaev freebsd_committer 2017-05-24 17:04:37 UTC
Port was updated and vulnerability entry added, thank you.