Access Restriction Bypass Affecting nvidia-graphics-drivers-legacy-340xx package, versions <340.98-1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN10-NVIDIAGRAPHICSDRIVERSLEGACY340XX-385307
- published 8 Nov 2016
- disclosed 8 Nov 2016
Introduced: 8 Nov 2016
CVE-2016-7389 Open this link in a new tabHow to fix?
Upgrade Debian:10 nvidia-graphics-drivers-legacy-340xx to version 340.98-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream nvidia-graphics-drivers-legacy-340xx package and not the nvidia-graphics-drivers-legacy-340xx package as distributed by Debian.
See How to fix? for Debian:10 relevant fixed versions and status.
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R361_93 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.