Vulnerability Description
NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Unix Graphic Driver | <= 295.71 |
Related Weaknesses (CWE)
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/3140Vendor Advisory
- http://seclists.org/fulldisclosure/2012/Aug/4
- http://seclists.org/fulldisclosure/2012/Aug/76
- http://security.gentoo.org/glsa/glsa-201304-01.xml
- http://www.openwall.com/lists/oss-security/2012/08/01/1
- http://www.openwall.com/lists/oss-security/2012/08/08/4
- http://nvidia.custhelp.com/app/answers/detail/a_id/3140Vendor Advisory
- http://seclists.org/fulldisclosure/2012/Aug/4
- http://seclists.org/fulldisclosure/2012/Aug/76
- http://security.gentoo.org/glsa/glsa-201304-01.xml
- http://www.openwall.com/lists/oss-security/2012/08/01/1
- http://www.openwall.com/lists/oss-security/2012/08/08/4
FAQ
What is CVE-2012-4225?
CVE-2012-4225 is a vulnerability with a CVSS score of 7.2 (HIGH). NVIDIA UNIX graphics driver before 295.71 and before 304.32 allows local users to write to arbitrary physical memory locations and gain privileges by modifying the VGA window using /dev/nvidia0.
How severe is CVE-2012-4225?
CVE-2012-4225 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4225?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Unix Graphic Driver.