CVE-2014-8298

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-8298
The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://nvidia.custhelp.com/app/answers/detail/a_id/3610 Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nvidia:gpu_driver:r340.65:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r343.00:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r343.36:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r346.00:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r304.125:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r331.00:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r346.22:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r331.112:*:*:*:*:linux_kernel:*:*
cpe:2.3:a:nvidia:gpu_driver:r340.00:*:*:*:*:linux_kernel:*:*

Configuration 2 (hide)

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:linux_kernel:tegra:*

Configuration 3 (hide)

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:chrome_os:*:*
Information

Published : 2014-12-10 07:59

Updated : 2016-10-25 19:00

NVD link : CVE-2014-8298

Mitre link : CVE-2014-8298

JSON object : View

CWE
CWE-19

Data Processing Errors

Advertisement

dedicated server usa
Products Affected

nvidia

  • gpu_driver