CVE-2006-5379
published 2006-10-18CVE-2006-5379: The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating…
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
26.05%
97.7th percentile
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nvidia-graphics-drivers | < nvidia-graphics-drivers 1.0.8776-1 (bookworm) | nvidia-graphics-drivers 1.0.8776-1 (bookworm) |
| nvidia | binary_graphics_driver | — | — |
| nvidia | binary_graphics_driver | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fm97-p25w-w6fj: The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operati
ghsa_unreviewed·2022-05-01
CVE-2006-5379 [HIGH] GHSA-fm97-p25w-w6fj: The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operati
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
OSV
CVE-2006-5379: The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operati
osv·2006-10-18·CVSS 7.5
CVE-2006-5379 [HIGH] CVE-2006-5379: The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operati
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Ubuntu
NVIDIA vulnerability
vendor_ubuntu·2006-11-04
CVE-2006-5379 NVIDIA vulnerability
Title: NVIDIA vulnerability
Summary: NVIDIA vulnerability
Derek Abdine discovered that the NVIDIA Xorg driver did not correctly
verify the size of buffers used to render text glyphs. When displaying
very long strings of text, the Xorg server would crash. If a user were
tricked into viewing a specially crafted series of glyphs, this flaw
could be exploited to run arbitrary code with root privileges.
Instructions: After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Debian
CVE-2006-5379: nvidia-graphics-drivers - The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary...
vendor_debian·2006·CVSS 7.5
CVE-2006-5379 [HIGH] CVE-2006-5379: nvidia-graphics-drivers - The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary...
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
Scope: local
bookworm: resolved (fixed in 1.0.8776-1)
bullseye: resolved (fixed in 1.0.8776-1)
forky: resolved (fixed in 1.0.8776-1)
sid: resolved (fixed in 1.0.8776-1)
trixie: resolved (fixed in 1.0.8776-1)
No detection rules found.
No writeups or analysis indexed.
http://download2.rapid7.com/r7-0025/http://download2.rapid7.com/r7-0025/nv_exploit.chttp://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971http://secunia.com/advisories/22419http://secunia.com/advisories/22676http://secunia.com/advisories/22730http://secunia.com/advisories/22764http://secunia.com/advisories/23678http://security.gentoo.org/glsa/glsa-200611-03.xmlhttp://securityreason.com/securityalert/1742http://securitytracker.com/id?1017072http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1http://www.kb.cert.org/vuls/id/147252http://www.mandriva.com/security/advisories?name=MDKSA-2007:007http://www.rapid7.com/advisories/R7-0025.jsphttp://www.securityfocus.com/archive/1/448860/100/0/threadedhttp://www.securityfocus.com/archive/1/451329/100/0/threadedhttp://www.securityfocus.com/bid/20559http://www.ubuntu.com/usn/usn-377-1http://www.vupen.com/english/advisories/2006/4053http://www.vupen.com/english/advisories/2006/4328https://exchange.xforce.ibmcloud.com/vulnerabilities/29622http://download2.rapid7.com/r7-0025/http://download2.rapid7.com/r7-0025/nv_exploit.chttp://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971http://secunia.com/advisories/22419http://secunia.com/advisories/22676http://secunia.com/advisories/22730http://secunia.com/advisories/22764http://secunia.com/advisories/23678http://security.gentoo.org/glsa/glsa-200611-03.xmlhttp://securityreason.com/securityalert/1742http://securitytracker.com/id?1017072http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1http://www.kb.cert.org/vuls/id/147252http://www.mandriva.com/security/advisories?name=MDKSA-2007:007http://www.rapid7.com/advisories/R7-0025.jsphttp://www.securityfocus.com/archive/1/448860/100/0/threadedhttp://www.securityfocus.com/archive/1/451329/100/0/threadedhttp://www.securityfocus.com/bid/20559http://www.ubuntu.com/usn/usn-377-1http://www.vupen.com/english/advisories/2006/4053http://www.vupen.com/english/advisories/2006/4328https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
2006-10-18
Published