Thursday, August 2, 2012

Nvidia Binary Exploit Gives Root Access on Linux

Nvidia is reported to have a dangerous exploit in its binary driver and it seems that is doing nothing to fix the situation or even acknowledge it.

In a mailing list post, Dave Airlie, a well known X hacker, has reported that a bug in the Nvidia binary would grant a user root access. He says the information has been passed to him anonymously, but the source is to be trusted.

It basically abuses the fact that the /dev/nvidia0 device accept changes to the VGA window and moves the window around until it can read/write to somewhere useful in physical RAM, then it just does an priv escalation by writing directly to kernel memory.” - said Dave Airlie.

Nvidia has some problems with its drivers before, and even recently, Linus Thorvalds gave them the finger, literally. This is not good news for the video card manufacturer. The only way out of this is to provide a fix as quickly as possible.

Upcoming Features of Fedora 18

Now that we know the codename for the upcoming Fedora 18 operating system, and the fact that it will introduce support for 256-color terminals, it is time to learn something about other features that will be incorporated in this anticipated release.

On the Fedora Engineering Steering Committee (FESCo) meeting that took place two days ago, on July 30th, the developers approved several new features for the Fedora 18 release:

· Samba 4.0;
· MATE desktop environment;
· oVirt engine 3.1;
· Agent-Free Systems Management;
· Sugar 0.98;
· LTTng 2.0;
· ownCloud;
· support for Google Cloud Printing;
· support for HP ePrint;
· support for network IPP servers;
· SELinux Systemd Access Control;
· IPA v3 trusts update;
· Python 3.3;
· FedFS (Federated File System);
· Server KMS drivers;
· LLVM support on 64-bit POWER systems;
· Systemtap 2.0;
· NFSometer;
· VNCServer support for LLVMpipe/Mesa on 64-bit IBM Power Systems;
· QXL/Spice KMS driver.