Ubuntu – NVIDIA Linux Driver Hack Gives You Root Access


Launchpad bug link:

https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/+bug/1032344

Apparently there is a security vulnerability with the current Nvidia Drivers that gives the attacker root access?

Excerpt from Phoronix article:
Phoronix news link: http://www.phoronix.com/scan.php?page=news_item&px=MTE1MTk

"David Airlie published this NVIDIA hack today to a mailing list (the exploit is attached there as a single C file). Airlie isn't the original author of this hack but rather the code was passed onto him by an anonymous user(s). The code was forwarded to NVIDIA Corp more than one month ago, but the official NVIDIA Linux proprietary driver developers have yet to act on the vulnerability. As a result, it was decided to release this to the public. Now maybe NVIDIA will take care of it since this 760 lines of C code can provide root access to a system running the NVIDIA binary blob.

First up I didn't write this but I have executed it and it did work here,

I was given this anonymously, it has been sent to nvidia over a month ago with no reply or advisory and the original author wishes to remain anonymous but would like to have the exploit published at this time, so I said I'd post it for them.

It basically abuses the fact that the /dev/nvidia0 device accepts changes to the VGA window and moves the window around until it can read/write to somewhere useful in physical RAM, then it just does a priv escalation by writing directly to kernel memory."

Questions:

  1. Which Nvidia Proprietary driver versions does this affect?
  2. Should we update to a specific version to avoid this?
  3. Are Nvidia 295.49 x86_64 drivers safe?
  4. Is Ubuntu 12.04 LTS 3.2.0-27-generic #43-Ubuntu immune from this?

Launchpad.net Link: https://answers.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-updates/+question/204865

Best Answer

  • This affects all current Nvidia proprietary drivers available in the official repositories, PPAs or from the Nvidia website; until a fix is released, there's nothing to upgrade/downgrade to.
  • This is not the Ubuntu/Linux kernel's fault or problem, it's a vulnerability in the Nvidia driver - the kernel must let the driver run with very high privileges for it to properly function.

What can you do?

The exploit is a demonstration only; if you follow normal security practices and do not install random packages or execute or compile random binaries, you should be safe.

If you are still concerned and can do without the 3D functionality provided by the proprietary drivers, consider uninstalling them, which leaves you with the open-source nouveau driver -- it is not affected by this vulnerability.
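
To check whether a machine is in the configuration discussed above (proprietary module loaded, `/dev/nvidia*` nodes that any local user can open), the following is an added example, not part of the original answer or of any Ubuntu or NVIDIA tooling. The function names are hypothetical, and it assumes GNU `find` plus the usual `/proc/modules` and `/proc/driver/nvidia/version` layouts.

```shell
#!/bin/sh
# Added example: report whether this host runs the proprietary NVIDIA module
# and which /dev/nvidia* nodes are open to every local user.
# Each function takes an optional path so it can be run on saved copies.

# Prints "nvidia", "nouveau" or "none" depending on the loaded GPU module.
gpu_driver() {
    modules_file=${1:-/proc/modules}
    if grep -q '^nvidia[_ ]' "$modules_file" 2>/dev/null; then
        echo nvidia
    elif grep -q '^nouveau ' "$modules_file" 2>/dev/null; then
        echo nouveau
    else
        echo none
    fi
}

# Prints the driver version from the "NVRM version:" line (assumed format:
# "... Kernel Module  <version>  <build date>"); prints nothing if absent.
nvidia_version() {
    version_file=${1:-/proc/driver/nvidia/version}
    sed -n 's/^NVRM version:.*Kernel Module  *\([0-9][0-9.]*\).*/\1/p' \
        "$version_file" 2>/dev/null
}

# Lists nvidia* nodes whose mode grants read or write to "other",
# i.e. nodes that any unprivileged local account can open.
world_accessible_nodes() {
    dev_dir=${1:-/dev}
    find "$dev_dir" -maxdepth 1 -name 'nvidia*' \
        \( -perm -004 -o -perm -002 \) 2>/dev/null | sort
}

# Combines the three checks into a short report.
exposure_report() {
    drv=$(gpu_driver "$1")
    echo "loaded GPU driver: $drv"
    [ "$drv" = nvidia ] || return 0
    echo "driver version: $(nvidia_version "$2")"
    echo "nodes any local user can open:"
    world_accessible_nodes "$3"
}

exposure_report
```

A result of `nouveau` or `none` means the proprietary module is not loaded on that host.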