Vulnerability Description
The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Driver | r304.125 |
Related Weaknesses (CWE)
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/3610Vendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
- http://nvidia.custhelp.com/app/answers/detail/a_id/3610Vendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
FAQ
What is CVE-2014-8298?
CVE-2014-8298 is a vulnerability with a CVSS score of 7.5 (HIGH). The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and C...
How severe is CVE-2014-8298?
CVE-2014-8298 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8298?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Driver.