Vulnerability Description:
The vulnerability could be exploited to cause the GPU to access the third-party device IO memory past the de-allocation phase. This can cause a denial of service (clogging the device with invalid requests), or be used to access privileged IO space of the third-party device.
Depending on the third-party device's specific hardware architecture, this could lead to escalation of privilege, denial of service, tampering or other serious security concerns.
Exploit Scope and Risk:
NVIDIA generally rates security issues based on a CVSS risk assessment, however, it cannot make material claims as to specific risk or mitigations of third-party devices. It is beyond the scope of this advisory to analyze a third-party IO space for risk.
Please contact the device vendor and consult with security professionals regarding your specific configuration for a risk assessment.
NVIDIA's risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA doesn't know of any exploits of these issues at this time.
Vulnerable Configurations:
This advisory relates to a possible security vulnerability in the host memory mapping path of NVIDIA GPUs. This feature is exposed exclusively on Linux platforms, in combination with recent Linux kernels greater than or equal to 2.6.31, i.e., those supporting the follow_pfn() kernel-mode API. Specifically the vulnerability is present on GeForce/Quadro/Tesla/Tegra graphics drivers for Linux OS.
NVIDIA GPU drivers for other operating systems are not affected.
Vulnerability Discovery:
NVIDIA was informed of this issue during co-design review work with Mellanox Technologies.
Fix:
NVIDIA recommends that users upgrade to a fixed driver component. Refer to the table below for recommended driver updates and locations.
|
Linux Branch |
Nvidia.com 1st version with fix |
|
R352 |
352.41 |
|
R346 |
346.87 |
|
GRID vGPU and vSGA Branch |
1st version with fix |
|
R352 |
352.46 |
Mitigations:
Always observe the following safe computing practices:
Only download or execute content and programs from trusted third parties.
Run your system and programs with the least privileges necessary. Users should run without root privileges whenever possible.
When running as root, do not elevate privileges for activities or programs that don't need them.