Attacker Value
Very Low
(1 user assessed)
Exploitability
Very High
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

NVIDIA binary graphics driver: Privilege escalation vulnerability

Disclosure Date: October 18, 2006
CVE-2006-5379
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

Add Assessment

2
Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Very High
Technical Analysis

This vuln is triggerable as a drive-by if someone visits a site using a browser while the impacted nvidia blob driver was used on the system. You could do this by installing a custom set of font glyphs that contain shellcode, and overflowing the video buffer with a long “string” of those glyphs (which would write past the video buffer memory boundary). However, the likelihood of someone using this driver today is extremely low, so, not very useful.

Log in to Add Reply
CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
exploit
Utility Class
rce
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • nvidia

Products

  • binary graphics driver v8762,
  • binary graphics driver v8774

References

Canonical
CVE-2006-5379 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5379)
BID-20559 (http://www.securityfocus.com/bid/20559)
Advisory
ADV-2006-4053 (http://www.vupen.com/english/advisories/2006/4053)
SECUNIA-22730 (http://secunia.com/advisories/22730)
GLSA-200611-03 (http://security.gentoo.org/glsa/glsa-200611-03.xml)
SREASON-1742 (http://securityreason.com/securityalert/1742)
USN-377-1 (http://www.ubuntu.com/usn/usn-377-1)
SUNALERT-102693 (http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1)
SECUNIA-22419 (http://secunia.com/advisories/22419)
SECTRACK-1017072 (http://securitytracker.com/id?1017072)
VU#147252 (http://www.kb.cert.org/vuls/id/147252)
XF-nvidia-linux-driver-bo(29622) (https://exchange.xforce.ibmcloud.com/vulnerabilities/29622)
ADV-2006-4328 (http://www.vupen.com/english/advisories/2006/4328)
SECUNIA-22676 (http://secunia.com/advisories/22676)
http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971
20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability (http://www.securityfocus.com/archive/1/451329/100/0/threaded)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
SECUNIA-23678 (http://secunia.com/advisories/23678)
20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (http://www.securityfocus.com/archive/1/448860/100/0/threaded)
SECUNIA-22764 (http://secunia.com/advisories/22764)
Miscellaneous
http://download2.rapid7.com/r7-0025/nv_exploit.c
http://www.rapid7.com/advisories/R7-0025.jsp
http://download2.rapid7.com/r7-0025

Additional Info

Authenticated
Never
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis