http://www.dslreports.com/forum/Nvidia-linux-binary-driver-priv-escalation-exploit-27387509 en Tue, 21 May 2013 22:34:27 EDT Tue, 21 May 2013 22:34:27 EDT http://www.dslreports.com/forum/Nvidia-linux-binary-driver-priv-escalation-exploit-27387509 From: Dave Airlie
Wed, 1 Aug 2012

"First up I didn't write this but I have executed it and it did work here,

I was given this anonymously, it has been sent to nvidia over a month
ago with no reply or advisory and the original author wishes to remain
anonymous but would like to have the exploit published at this time,
so I said I'd post it for them.

It basically abuses the fact that the /dev/nvidia0 device accept
changes to the VGA window and moves the window around until it can
read/write to somewhere useful in physical RAM, then it just does an
priv escalation by writing directly to kernel memory."

Dave.

»seclists.org/fulldisclosure/2012/Aug/4
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
]]> http://www.dslreports.com/forum/Nvidia-linux-binary-driver-priv-escalation-exploit-27387509 Thu, 02 Aug 2012 11:06:54 EDT