Nvidia has been helping pave the way for Linux gaming for quite some time now, especially with the large amount of support they dump into their binary drivers. It comes to much dismay, then, to hear about a recently discovered exploit specific to those drivers. The exploit can result in system compromise to any machine running that driverset
. Apparently, the bug has been around for more than two years, and just has never been corrected:
Chad Loder , Rapid7's Manager of Engineering, explained that Nvidia has known about this bug in their binary driver for some time, "the link in the advisory is the earliest thread in which we could find an Nvidia employee publicly acknowledging the bug, although it was reported back in 2004 and has probably existed even longer."
The bug can be triggered by a maliciously crafted page on a machine using the drivers. That's the first I've heard of video card drivers causing such a hassle, on any platform. Hopefully Nvidia
will take care of the situation soon.